[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: XKMS and NIH RE: Simplifying IKE
At 7:57 AM -0700 8/16/01, Hallam-Baker, Phillip wrote:
> > There is a difference between by suggesting support for a set of IETF
>> standards (the WG for which I do co-chair) vs. your promoting a
>> VeriSign/Microsoft technology. Perhaps you find this difference too
>> subtle, but I feel confident others on the list can make the
>> distinction.
>
>If you want to start flame wars I suggest that you try alt.flame.
I stand by my characterization of the differences I mentioned.
>The fact is that many if not most successful IETF protocols were
>designed by a small group and then brought to the IETF for
>standardization and change control. XKMS simply follows that tried
>and tested method.
Maybe in your more limited experience, but when I look at the longer
time frame in which I've been involved, I don't come to the same
conclusion.
>It is an open standard and has been submitted to a highly respected
>standards body backed by the main PKI vendors and several major
>customers.
The IETF has traditionally not been swayed by this sort of
endorsement. You may recall that we represent ourselves in the IETF,
not our employers.
>The choice of W3C was determined by two factors, first XKMS is both
>built on and designed to extend XML technology specified by W3C, the
>second is that the consensus amongst the prospective members was that
>W3C was the preferred forum.
That's reasonable.
>I suggest that you bother to find out who is a prospective member of
>the XKMS group before commenting on their security expertise.
If you took the time to read my message, you would note that I didn't
comment on the security abilities of the XKMS developers, but rather
the W3C.
Steve
References: