[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: SPKI meeting at Chicago?
-----BEGIN PGP SIGNED MESSAGE-----
At 10:56 AM 8/22/98 -0400, Phillip Hallam-Baker wrote:
>PKIX is now integrated into Windows NT 5.0 as the fundamental security
>architecture. It is the infrastructure supported by all the PKI vendors.
Phill,
this is a circular argument. All commercial CAs are in the X.509 camp and
started out there. I have not yet seen a business case for a commercial CA
to issue SPKI certificates which, by and large, are to be issued by
authorities on the authorization being delegated, not by commercial CAs.
>PKIX is now a de-facto standard and it does not seem at all likely
>SPKI will offer sufficient functionality to supplant it.
Since SPKI's trust computation (5-tuple reduction) can use X.509 names and
extensions, that trust computation fills a substantial need even if there
were only X.509. Meanwhile, the simplicity of SPKI parsing and brevity of
its certificates makes sense for non-CA issuers.
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.5.3
iQCVAwUBNd7qARN3Wx8QwqUtAQG+LwP/eMWSDKazchBoHGmzHeRtcss47s9HjY8Q
73gCeGjkCevbcgvbvoZHLygmCHTrrsvSBdwSwU3GML1WlVQ85nHSO1KK6VJcKTHO
lxDcKiTfm+ygP84X/biCrlIlFE1okmKP/mu5JRJcBmmiH1DbIxgG2t11QeLrRdmD
vwfrjLp/aQs=
=CSvW
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@acm.org http://www.pobox.com/~cme |
| PGP: 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
+--Officer, officer, arrest that man. He's whistling a dirty song.-+
References: