-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/05/2011 02:11 PM, Phillip Hallam-Baker wrote:
> Support for naked keys is useful.
>
> Lack of support for certificates where needed would be unacceptable and
> render the format unsuited for many of the applications we need it for.
>
> Certificates are pretty simple to deal with. The problems that they are used
> to address are not simple.
I also think you need both. Sometimes you need to use a key for both
signing and TLS for instance.
>
> Whatever you thought of the 'Trust Router' proposal made at last IETF, it is
> certainly no simpler than the PKI based approach and that is before they
> have put it in operation and found the operational requirements.
I don't think that proposal is targeted for anything that comes even
remotely close to signed objects. Lets not go there.
Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk475XUACgkQ8Jx8FtbMZndQEwCeNnyVkj0xpDRhvDuSNSH4/Mig
GH8An3R2UeKcGxUzpZhuUG8/Hakfx5z0
=XbMB
-----END PGP SIGNATURE-----
_______________________________________________
woes mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/woes
