Hi,Hannes
> > Regarding the revocation issue: If the client’s credentials get > revoked then he must not be able to successfully authenticate to the > AAA server anymore. Done. I don’t see how this can get any easier > regardless of the authentication protocol. on revocation issue, Traditional PKI based public key cryptography and cert: a client login with a revoked cert, server check status of the cert by ocsp protocol each time. Identity based public key cryptography: a client login with a expired identity||date, server can check status of the client's credential locally. > > Ciao > Hannes > > > Hi,Hannes, > > > > > > I personally believe that you will not get the necessary support > > from the EMU working group to get the charter changed and the group > > interested in IBE. > > I can tell you that I will not spend my time on it. > > > > My reasons are being less excited are: > > * Identity based crypto as a technology does not really solve a > > problem. (In case you are going to ask: "yes" I looked it some time > > ago when I tried to figure out what value it provides for some IETF > > protocols. And guess what - I couldn't find any benefits.) > > * "ETSI wants it" is not a good reason for me todo anything. > > * I have so many other great documents to review. > > * The IPR situation with identity based crypto makes me feel uneasy. > > > May I ask for the reason why you think you could not find any > benefits in identity based cryptography? > Only beacause it has IPR problems? > To be object, identity based cryptography is a great idea, you > don't have to transfer long public key, > and checking status of public keys frequently. > > Regards~~~ > > -Sujing
_______________________________________________ Emu mailing list Emu@ietf.org https://www.ietf.org/mailman/listinfo/emu