In message <[EMAIL PROTECTED]> on Wed, 12 Oct 2005 20:18:21 +0100, Bruce Stephens <[EMAIL PROTECTED]> said:
monotone> Richard Levitte - VMS Whacker <[EMAIL PROTECTED]> writes: monotone> monotone> [...] monotone> monotone> > Yes, self-signed certificates would provide exactly the monotone> > same capabilities as today's key system does. This is monotone> > what OpenCM did (does?), and I questioned that kind of use monotone> > with that group, and I will here as well. Basically, it monotone> > provides nothing more than bloat around the keys. If monotone> > you're going to use X.509, do it for real. monotone> monotone> I think OpenCM can probably be considered as dead. Like monotone> Stellation. Shame, because both seemed to me to have monotone> interesting approaches to things. Yeah, although, when I got my fingers dirty with OpenCM, it didn't take me too long to realise that it would probably not become more than a platform for others to take the next step from. I can't say what exactly made me think so, it's a matter of intuition. monotone> By doing X.509 "for real", are you thinking of the full monotone> flexibility described in the recently published RFC 4158? No, I was thinking of making good use of things like policy attributes at assign roles or rights to a certificate holder. But sure, if you want, there's always the possibility of coupling the whole thing with a replicated LDAP repository and do the math with it :-). But you'll have to wait until that RFC is implemented in OpenSSL :-). monotone> I'm not saying that would be impossible---I believe the monotone> freely available CML software (part of SMP) will do all monotone> that, with knobs on. I'll have to check that out. Last time I looked at BAE Software, they hadn't come that far... monotone> Maybe that's a good argument against doing it: stop monotone> complaining doesn't use X.509, or we'll *really* do X.509, monotone> and then you'll be sorry. Hehehe Cheers, Richard ----- Please consider sponsoring my work on free software. See http://www.free.lp.se/sponsoring.html for details. -- Richard Levitte [EMAIL PROTECTED] http://richard.levitte.org/ "When I became a man I put away childish things, including the fear of childishness and the desire to be very grown up." -- C.S. Lewis _______________________________________________ Monotone-devel mailing list [email protected] http://lists.nongnu.org/mailman/listinfo/monotone-devel
