To: Keith Moore <moore@cs.utk.edu>
Cc: Steve Hanna <steve.hanna@sun.com>, Simon Josefsson <simon+keydist@josefsson.org>, Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From: Derek Atkins <warlord@MIT.EDU>
Date: 14 Jan 2002 19:15:18 -0500
In-Reply-To: <200201150010.g0F0AIi00965@astro.cs.utk.edu>
Sender: owner-keydist@cafax.se
User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7
Subject: Re: looking for draft volunteers

I don't think there will ever be a single "IETF Secure Keydist"
protocol. Doesn't PKIX already try to solve some of the keydist
problem?
-derek
Keith Moore <moore@cs.utk.edu> writes:
> > Yea, but even if there is a framework with multiple levels of trust, a
> > company that implements only "casual" trust can still claim to be
> > "secure". Heck, companies claim to be secure when they use rot13. I
> > don't think you can stop that from happening.
>
> no, but what we hope they will say is that they implement
> "IETF secure keydist" and that customers will make that a check-off item.
>
> if we define "IETF secure keydist" in such a way that it is for casual
> use only, that's the best we'll get from those vendors.
>
> if we define "IETF secure keydist" in such a way that it can be used for
> more demanding purposes, we can probably get something which is suitable
> for more than casual use, as long as it's well-defined and implementable
> with reasonable effort.
>
> of course, there's a limit to what we can get. for instance, we can't
> do much to ensure quality of implementation, nor to ensure the security
> of the underlying platforms.
>
> Keith
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available