[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: SPKI meeting at Chicago?

>I strongly suspect however that any commercial
>implementation would use X.509 as the certificate format....

No, there are many commercial applications that do not use 509.  They are
just not a visible as the browser oriented applications.

Requirements still exist for technologies that have been discussed in this
working group.  We should find a way to move them forward.


"Phillip Hallam-Baker" <hallam@ai.mit.edu> on 08/22/98 07:56:29 AM

To:   Paul Lambert/Certicom, "Steve Bellovin" <smb@research.att.com>
cc:   spki@c2.net
Subject:  RE: SPKI meeting at Chicago?

Echoing Paul's opinion I don't see the IESG approving SPKI on standards
track at this point. The original idea was that a simple to implement
standard would swiftly overtake PKIX. This has not and will not happen.

PKIX is now integrated into Windows NT 5.0 as the fundamental security
architecture. It is the infrastructure supported by all the PKI vendors.
PKIX is now a de-facto standard and it does not seem at all likely
SPKI will offer sufficient functionality to supplant it.

Publishing the drafts as experimental would be a worthwhile contribution.
The trust architecture work is still relevant to a number of applications.
I strongly suspect however that any commercial implementation would use
X.509 as the certificate format, using the X.509v2 key identifier slots.

If the group does still want to go for standards track the lack of an
archive will be a serious handicap. In any case it would be advisable
to have discussions with the area director at Chicago.