Jim Schaad <[email protected]> wrote: > I have much the same problem. While a client could find an AS which > would authenticate the client, I don't know how the client would > establish any degree of trust in the AS which is going to give it > tokens.
Is your question that you don't know how to trust that the AS is the correct
AS for RS-foo?
> If you have already put a local public key for the AS into the
> client, then you might as well put in a name for the AS as well. I
> suppose you could get by with a shared secret but that does not seem to
> be a good way to build up the system.
Maybe there are redundant instances of the AS, or maybe there are multiple ways
(thus different IP addresses) by which to reach the AS.
--
Michael Richardson <[email protected]>, Sandelman Software Works
-= IPv6 IoT consulting =-
signature.asc
Description: PGP signature
_______________________________________________ Ace mailing list [email protected] https://www.ietf.org/mailman/listinfo/ace
