At 9:39 AM +0200 9/1/05, Stephan Neuhaus wrote:
Are we now at a point where we must admit that PKI isn't going to happen

s/happen/happen in a widely useful fashion/

 for the Web

s/Web/Web and email/

and that we therefore must face the rewriting of an unknown (but presumably large) number of lines of code to accomodate PSKs?

Self-signed certificates that are fingerprinted out-of-band are better than PSKs in some situations, worse in others.

If that's so, I believe that PSKs will have deployment problems as large as PKI's that will prevent their widespread acceptance.


--Paul Hoffman, Director
--VPN Consortium

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to