To: Derek Atkins <warlord@MIT.EDU>
Cc: Keith Moore <moore@cs.utk.edu>, Steve Hanna <steve.hanna@sun.com>, Simon Josefsson <simon+keydist@josefsson.org>, Edward Lewis <lewis@tislabs.com>, keydist@cafax.se
From: Edward Lewis <lewis@tislabs.com>
Date: Tue, 15 Jan 2002 17:50:21 -0500
In-Reply-To: <sjmsn98pibm.fsf@kikki.mit.edu>
Sender: owner-keydist@cafax.se
Subject: Re: looking for draft volunteers

I truly believe that we need to avoid DNS in the title.

I have quickly read through the thread (if I can, I will go back and read it again when pressing deadlines pass) and would like to say that we need to get back to the need for key distribution. We need to understand what the applications need (for some value of applications).

Arguing the way in which trust works and how it is (or is not) transferred has happened before and is what got us to form the mail list. Let's try a bottom up approach. A top down approach has not been fruitful so far.

As part of that, and to get back to why I am replying to this message, is that we should look at the needs of the applications and not at the mechanism of distributing keying material. This is why I'd like to stick with Secure Keydist and not DNS Keydist. If we presuppose DNS, then this work should remain a part of the DNS WG's - which have ejected it. Therefore I don't want to presuppose DNS.

Problem statements. Requirements. Vulnerability assessments. Trust assumptions per protocol. That is where we need to begin. Thanks to those who have volunteered for some of this. When I see what folks want to edit/write, I'll see if there is something I need to contribute.

Personally - I've already argued a bit in the DNS realm. I'm sitting back now trying to hear new voices and ideas...

At 7:29 PM -0500 1/14/02, Derek Atkins wrote:
>Keith Moore <moore@cs.utk.edu> writes:
>
>> > I don't think there will ever be a single "IETF Secure Keydist" protocol.
>>
>> perhaps there won't be a single protocol, but surely we'll have some
>> name for what this group produces? and surely we hope vendors will
>> implement it?
>
>Well, perhaps this can be solved by proper naming? Instead of "IETF
>Secure Keydist", how about "DNS Keydist"? We can route around
>these problems. :P
>
>> Keith
>
>-derek
>
>--
> Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
> Member, MIT Student Information Processing Board (SIPB)
> URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
> warlord@MIT.EDU PGP key available

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=--=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
Edward Lewis NAI Labs
Phone: +1 443-259-2352 Email: lewis@tislabs.com

Opinions expressed are property of my evil twin, not my employer.