[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: My comments on the X/Open PKI requirements document

At 08:42 AM 4/5/96 -0500, Rodney Thayer wrote:

>fine.  you want another comment?  I think it's insane we have at least five
>standards organizations or groups looking at vaguely the same problem.
>(spki, pkix, x.509, aba, x/open.)

What's even stranger to me is that most of these are falling back on the old
X.509 path.  If that were the answer, there would be no reason to have so
much discussion.  The flurry of discussion reinforces my belief that that
emperor has no clothes.

The other day, in discussing this topic off-list, I started to write a
description of a user at his PC/Mac, using signature keys from his PK-aware
mailer.  I realized in the process that I haven't seen such descriptions.
Everyone is jumping at the step of "let's get this global directoroy of
names and keys and that will solve everyone's problem" without describing
user behavior.  If you don't know your customer, how do you know what the
requirements are?

I'd suggest that we provide such stories of anticipated user behaviors for
the archive as part of our effort.  I'll look for the one of mine I referred
to above.

 - Carl
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091              Tel: (703) 620-4200                         |