At 02:21 PM 10/1/2003 -0700, Adam Back wrote:

Maybe but X.509 certificates, ASN.1 and X.500 naming, ASN.1 string
types ambiguities inherited from PKIX specs are hardly what one could
reasonably calls simple.  There was no reason SSL couldn't have used
for example SSH key formats or something that is simple.  If one reads
the SSL rfcs it's relatively clear what the formats are the state
stuff is a little funky, but ok, and then there's a big call out to a
for-pay ITU standard which references half a dozen other for-pay ITU
standards.  Hardly compatible with IETF doctrines on open standards
you would think (though this is a side-track).

some related recent thread from comp.ssecurity.ssh n.g. (somewhat my standard harping about confusing the technology of digital signatures and the business issues of PKI and certificates):
http://www.garlic.com/~lynn/2003m.html#55 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#49 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#51 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#52 public key vs passwd authentication?


--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to