On Tue, Jun 21, 2011 at 1:17 PM, Novikov, Lev <[email protected]> wrote:
> On 2011-06-21 13:36, Nico Williams wrote:
>> [...] My concern is that we already have a large number of
>> technologies in the IETF for establishing channels[*]. Adding any
>> more should require some strong justification for not using an
>> existing one. [...] But when we're talking about *new* protocols, we
>> need to set the bar pretty high [...].
>
> Just to clarify, CICM specifies the API between the client program and
> the crypto module; not the messages used to establish the channel between
> the peers (as the protocols you reference do).
>
> Use of those protocols does not obviate the need for a lower level API
> that actually interacts with the crypto.

Even so, what value does this add over any of the APIs and frameworks we already have? If the issue is ensuring that you are able to log in to tokens, why not add suitable extensions to the GSS-API (basically a single function)?

Nico
--
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
