On Fri, Aug 5, 2011 at 8:43 AM, Leif Johansson <[email protected]> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 08/05/2011 02:11 PM, Phillip Hallam-Baker wrote: > > Support for naked keys is useful. > > > > Lack of support for certificates where needed would be unacceptable and > > render the format unsuited for many of the applications we need it for. > > > > Certificates are pretty simple to deal with. The problems that they are > used > > to address are not simple. > > I also think you need both. Sometimes you need to use a key for both > signing and TLS for instance. > > > > > Whatever you thought of the 'Trust Router' proposal made at last IETF, it > is > > certainly no simpler than the PKI based approach and that is before they > > have put it in operation and found the operational requirements. > > I don't think that proposal is targeted for anything that comes even > remotely close to signed objects. Lets not go there.
Which is exactly what I am arguing for. If the group decided it is 'only' going to do raw key it would inevitably end up going there because the problems are going to take it there. The way to avoid going there is to build on the infrastructure already designed to go there and let people hook into that infrastructure where it is useful. Otherwise we are like the office that decides not to build a loading dock because handling deliveries of office supplies requires too much manual effort. If you need the office supplies you are going to be dealing with the deliveries. -- Website: http://hallambaker.com/
_______________________________________________ woes mailing list [email protected] https://www.ietf.org/mailman/listinfo/woes
