[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SPKI requirments (was: SPKI RFC draft)
>Some very top level requirements (i.e., just a list of the
>Useful as part of a system for:
>1. authentication of senders of mail
>2. mutual authentication of HTTP clients and servers
>3. key distribution for IPSEC
>4. authentication of posters to news groups
>5. assuring privacy of mail messages
>6. assuring privacy of Web page contents
7. mutual authentication for *arbitrary* client/server development.
In particular, I would like to conduct authentication in the application
level (not in IPSEC) and would like a standard API for handling certificates,
keys and signatures.
If PKI is "Infrastructure" then mail daemons, http daemons, etc should be
expected to program to the PKI API, not the other way around. I assume that
the above list was meant to guide us in the functionality we must provide.
Tony Bartoletti LL
SPI Project Leader LL LL
Computer Security Technology Center LL LL LL
Lawrence Livermore National Lab LL LL LL
PO Box 808, L - 303 LL LL LLLLLLLL
Livermore, CA 94551-9900 LL LLLLLLLL
email: firstname.lastname@example.org phone: 510-422-3881 LLLLLLLL