Nelson Minar <[EMAIL PROTECTED]> writes: >The thing that makes me the most sad is that the PKI situation only seems to >be getting worse, not better.
The reason for this is that as we work on PKI deployment, we discover more and more (previously unknown) problems which need to be solved. If you look at PKI in 1978 it was pretty simple (certificates in a "public file"), then in the 1980's it got more complex with directories and CRLs and whatnot, and after that an ongoing stream of further issues which need to be addressed were discovered as systems were finally deployed. It's just getting harder and harder as we discover more and more problems when we try and actually implement the thing. Even what we know now is only the tip of the iceberg compared to what we're going to discover further down the track, and that's only identifying the *problems* to be solved, not providing solutions. PKI is like an erection: The more you think about it, the harder it gets. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
