On 28/07/2010 14:05, Perry E. Metzger wrote:
> It is not always the case that a dead technology has failed because of
> infeasibility or inapplicability. I'd say that a number of fine
> technologies have failed for other reasons. However, at some point, it
> becomes incumbent upon the proponents of a failed technology to
> either demonstrate that it can be made to work in a clear and
> convincing way, or to abandon it even if, on some level, they are
> certain that it could be made to work if only someone would do it.

To be clear, I am not a proponent of PKI as we know it, and certainly
the current use of PKI to sign software has never delivered any actual
value, and still wouldn't if revocation worked perfectly.

However, using private keys to prove that you are (probably) dealing
with the same entity as yesterday seems like a useful thing to do. And
still needs revocation.

Is there a good replacement for pk for this purpose?

http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to