[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SPKI requirments (was: SPKI RFC draft)

To: spki@c2.org
Subject: Re: SPKI requirments (was: SPKI RFC draft)
From: azb@llnl.gov (Tony Bartoletti)
Date: Mon, 15 Apr 1996 12:36:38 -0800
Sender: owner-spki@c2.org

>
>Some very top level requirements (i.e., just a list of the
>applications):
>Useful as part of a system for:
>1. authentication of senders of mail
>2. mutual authentication of HTTP clients and servers
>3. key distribution for IPSEC
>4. authentication of posters to news groups
>5. assuring privacy of mail messages
>6. assuring privacy of Web page contents
>
>More?
>

How about:

7.  mutual authentication for *arbitrary* client/server development.

In particular, I would like to conduct authentication in the application
level (not in IPSEC) and would like a standard API for handling certificates,
keys and signatures.

If PKI is "Infrastructure" then mail daemons, http daemons, etc should be
expected to program to the PKI API, not the other way around.  I assume that
the above list was meant to guide us in the functionality we must provide.

___TONY___

Tony Bartoletti                                             LL
SPI Project Leader                                       LL LL
Computer Security Technology Center                   LL LL LL
Lawrence Livermore National Lab                       LL LL LL
PO Box 808, L - 303                                   LL LL LLLLLLLL
Livermore, CA 94551-9900                              LL LLLLLLLL
email: azb@llnl.gov   phone: 510-422-3881             LLLLLLLL

Prev by Date: Re: SPKI requirments (was: SPKI RFC draft)
Next by Date: Re: SPKI requirments (was: SPKI RFC draft)
Prev by thread: RE: SPKI requirments (was: SPKI RFC draft)
Next by thread: Re: SPKI requirments (was: SPKI RFC draft)
Index(es):
- Main
- Thread