[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: K-of-N subjects


>>>>> "Carl" == Carl Ellison <cme@cybercash.com> writes:
    Carl> At 06:57 PM 8/16/97 -0400, Michael Richardson wrote:
    >> I concur with moving k-of-n to a seperate draft, with lots of
    >> examples, and perhaps even some lawyer speak included.

    Carl> This is something I'd like to hear more discussion about on
    Carl> the list.  Tatu and I went over this in person and by
    Carl> personal e-mail prior to Munich and he convinced me of its
    Carl> utility, but it has not had much discussion on the list.

  Well, I got the discussion over lunch(s) with Tatu as it went on, so
I'm hardly the person to provide input. 

  I think k-of-n is of sufficient interest for CA type applications
that I think that justifies it. It ought to be a SHOULD, not a MUST
for implementations. I see CRC's (with pre-shared symmetric signing
keys) being the tool to let devices with very small CPUs to act as
verifiers. The relationship to Kerberos is strong here. Someone told
me that NT 5.0 will have Kerberos...

   :!mcr!:            |  Network security programming, currently
   Michael Richardson | on contract with DataFellows F-Secure IPSec
 WWW: <A HREF="http://www.sandelman.ottawa.on.ca/People/Michael_Richardson/Bio.html">mcr@sandelman.ottawa.on.ca</A>. PGP key available.

Version: 2.6.3ia
Charset: latin1
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface


Follow-Ups: References: