[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: K-of-N subjects
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Carl" == Carl Ellison <email@example.com> writes:
Carl> At 06:57 PM 8/16/97 -0400, Michael Richardson wrote:
>> I concur with moving k-of-n to a seperate draft, with lots of
>> examples, and perhaps even some lawyer speak included.
Carl> This is something I'd like to hear more discussion about on
Carl> the list. Tatu and I went over this in person and by
Carl> personal e-mail prior to Munich and he convinced me of its
Carl> utility, but it has not had much discussion on the list.
Well, I got the discussion over lunch(s) with Tatu as it went on, so
I'm hardly the person to provide input.
I think k-of-n is of sufficient interest for CA type applications
that I think that justifies it. It ought to be a SHOULD, not a MUST
for implementations. I see CRC's (with pre-shared symmetric signing
keys) being the tool to let devices with very small CPUs to act as
verifiers. The relationship to Kerberos is strong here. Someone told
me that NT 5.0 will have Kerberos...
:!mcr!: | Network security programming, currently
Michael Richardson | on contract with DataFellows F-Secure IPSec
WWW: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">firstname.lastname@example.org</A>. PGP key available.
-----BEGIN PGP SIGNATURE-----
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
-----END PGP SIGNATURE-----