>>>>> "Josh" == Josh Howlett <[email protected]> writes:

    Josh> I agree that is an option; and it wouldn't be the end of the
    Josh> world if that's where we end up. But I believe it would impede
    Josh> interoperable deployments because it defers this discussion to
    Josh> implementers and users who won't, on the whole, care about or
    Josh> understand the issues. I would prefer to have a simple
    Josh> interoperable solution that works for 99% of the users than a
    Josh> less constrained but accordingly more complex solution that
    Josh> satisfies the remaining 1%.

IDP MAY sign + RP MAY ignore + RP MUST verify doesn't meet the IETF's
interoperability criteria because an IDP that does not support
signatures cannot work with an RP that requires them.

A solution that depends on verifying signatures as the MTI is the
wrong approach because we don't plan to have trust anchors in common.
We don't believe there is a viable strategy for having trust anchors in
common in our deployments and are going to a lot of effort to avoid
needing that.

For my part, I've worked with a number of potential customers and
prepared Moonshot related proposals for two. In both those situations,
shared trust anchors were not an option.
So, I would not support a MTI strategy that depended on shared trust
anchors.


--Sam
_______________________________________________
abfab mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/abfab