On Wed, Apr 10, 2002 at 06:50:24AM -0700, Mike Rosing wrote: > Not everyone agrees with Brands that these credentials work. > There's a group called "PKILAB" that's trying to make > access/credentials to work across large organizations, and they kind > of dismiss it.
Is there anything specific PKILAB have said about Brands certs? I'm not sure what their claim could be, from what I can see the Brands credentials provide or can equally be used with all of the common PKI models (RAs, CAs, OCSP, short-lived certs, revocation lists) plus a bunch of other options (blind refresh, update, privacy, etc) which are not possible with X.509 identity and attribute certificate PKIX stuff. btw I did a google search for PKILAB and Brands to see if I could find anything along the lines you mention and look what it said: Mar 2001 "Welcome Stefan Brands to PKILabs Advisory Board" http://www.cs.wisc.edu/~lists/archive/pkilab/msg00179.html Adam > I haven't really > sat down with them to find out why, but in general they feel that there's > some high level conceptual problems. I wish I had time to read all this > stuff!! But thanks for the pointers, at least I've got it copied so I > can read a page or so when I get a chance. > > Patience, persistence, truth, > Dr. mike