On Mon, Dec 12, 2011 at 10:19 AM, DIEGO LOPEZ GARCIA <[email protected]> wrote: > The point here is how much information you'd have to put in such a handle to > establish trust (in both directions) when dereferencing it, and the > additional mechanisms at both sides. I guess it was Nico the one that > mentioned that this could become "hairy"…
If the handle were to include authentication of the referenced data then we'd have synchronization issues. If the handle were to include server authentication data that would be easier, but we'd still have revocation and key rollover issues. But if we do this hop-by-hop then those issues are not new -- it's only if we try to skip hops that we run into new issues. HTTP is just a protocol. I offer it because it doesn't have a payload size limit. Nico -- _______________________________________________ abfab mailing list [email protected] https://www.ietf.org/mailman/listinfo/abfab
