[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Summary of revised identity changes
-----BEGIN PGP SIGNED MESSAGE-----
>> a) For certificate authentication, in messages 3 and 4, you no longer
>> send both an ID and a certificate. Instead, you send only a
>> certificate and the receiver gets your identity from the certificate.
I'm profoundly unhappy about this.
I feel that it will lead to massive amounts of failure to interoperate.
Right now, I can make an X.509 implementation and a non-X.509
implementation (such as might be found in a handheld!) interop by arranging
for appropriate keys to be in the right places.
I.e. I can generate the handheld's "certificate" in a number of ways that
doesn't involve having the handheld actually know about X.509. The contents
of the CERT payload is just "bytes" - doesn't matter to the handheld.
Now, if you do this, then the handheld winds up with goop it doesn't
understand setting policy for it. Maybe this is appropriate for you, but not
for me.
I fear strongly that this proposal will permanently wed people to the
false belief that public key operations involve PKIs.
By all means, make the contents of certificates clear. But, they aren't to
be involved in the identities.
] ON HUMILITY: to err is human. To moo, bovine. | firewalls [
] Michael Richardson, Sandelman Software Works, Ottawa, ON |net architect[
] mcr@sandelman.ottawa.on.ca http://www.sandelman.ottawa.on.ca/ |device driver[
] panic("Just another Debian GNU/Linux using, kernel hacking, security guy"); [
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)
Comment: Finger me for keys
iQCVAwUBPfVIaoqHRg3pndX9AQFqGAP+Jp32hnaRe3IXQHAuUHeIo+Ge3+sXcw6O
Bg4OEOy2yaTnhnj3ffTab36+VYGJEvvDxgQ53+MUSfSU3ZI+9HSEbPrC1wFof62B
Sruk3aCcfbAu75myF0TgBIVkqELcgc65FEUZKvoJ+2U2Erbf7Ap9fTGO+fO2JyxJ
X4qgFRbinJo=
=Mlf6
-----END PGP SIGNATURE-----