On Sat, Jul 31, 2010 at 12:32:39PM -0400, Perry E. Metzger wrote: > 5 Also related to 3, but important in its own right: to quote Ian > Grigg: > > *** There should be one mode, and it should be secure. ***
6. Enrolment must be simple. I didn't see anything about transitive trust. My rule regarding that: 7. Transitive trust, if used at all, should be used to bootstrap non-transitive trust (see "enrolment must be simple") or should be limited to scales where transitive trust is likely to work (e.g., corporate scale). Nico -- --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com