-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/04/2011 10:48 PM, Hal Lockhart wrote:
>
>> 3) A Standards Track document specifying how to encode public
>> keys as JSON-structured objects.
>>
>
> I would like to push back on the idea of only supporting naked public keys.
> It is my understanding that common cryto libraries, e.g. OpenSSL, expect
> public keys to be in certificates and the coding to get them to accept a
> naked key as input is ugly. I don't think they care if the cert is self
> signed or even signed at all, its just a format issue.
There is a huge difference between a crypto library and a PKIX stack.
Libraries like OpenSSL are mostly about implementing PKIX, the crypto
being a comparatively small part.
Carrying something like OpenSSL just to be able to sign stuff when
you don't require the semantics of a PKIX stack is an unnecessary
requirement.
Having the ability to do raw keys is useful.
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk47qUoACgkQ8Jx8FtbMZndssACgipdmK6md8DT3dWgvEnKAiwxW
ljQAnRvRR148h8f3t9ii9SVJ2sgfZ3ty
=2339
-----END PGP SIGNATURE-----
_______________________________________________
woes mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/woes
