Let's step back from SINGLESOCK for a bit and focus on security.
Is the NTS draft-RFC in good enough shape that we can write code now? I've studied it, but didn't understand things. My criteria for "understand" is that I could explain it to somebody else. "Write code" might be another test. One of the key areas that I'm missing is the plans for deployment. Are we intending to use the normal certificate distribution mechanism as used by the web? That depends on time. Is there a way around that? Do we need our own certificate distribution mechanism? Can we copy what DNSSEC does? ... ------- Background: I'm working on cleaning up the current shared key code and extending it to cover ??? (I forget the term.) I'm half way done, but got distracted by real life. -- These are my opinions. I hate spam. _______________________________________________ devel mailing list devel@ntpsec.org http://lists.ntpsec.org/mailman/listinfo/devel
