Arshad Noor <[EMAIL PROTECTED]> writes: > Ben Laurie wrote: >> As such, I'm not seeing much value. > > That may be because you are a cryptographer. If you were the CSO, an > Operations Director, or an Application Developer in a company that had > to manage encryption keys for 5,000 POS Terminals, 10,000 laptops, > desktops and servers across multiple data-centers and 400 stores, you > would see it very differently.
I'm not sure I would see it differently from Ben. There are existing deployed solutions like Kerberos that scale far beyond that and work just fine, and actually address all the things this protocol seems to leave as an exercise to the reader. And yes, they're in use in real companies at gigantic scales. (Indeed, Kerberos is central to Microsoft's technologies these days.) Perry --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]