On Sat, Jul 31, 2010 at 12:32:39PM -0400, Perry E. Metzger wrote:
> 5 Also related to 3, but important in its own right: to quote Ian
>   Grigg:
>     *** There should be one mode, and it should be secure. ***

6. Enrolment must be simple.

I didn't see anything about transitive trust.  My rule regarding that:

7. Transitive trust, if used at all, should be used to bootstrap
   non-transitive trust (see "enrolment must be simple") or should be
   limited to scales where transitive trust is likely to work (e.g.,
   corporate scale).


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to