Hi Brian,
On 19/01/2012 09:48, Brian Trammell wrote:
On Jan 18, 2012, at 7:01 PM, Alexey Melnikov wrote:
On 18/01/2012 17:43, Alexey Melnikov wrote:
Hi Brian,
On 18/01/2012 16:16, Brian Trammell wrote:
On Jan 18, 2012, at 3:38 PM, Alexey Melnikov wrote:
Actually, since the binding between RID and a PKI is better defined in
rfc6045-bis, 6046-bis now refers to it, as follows:
Each RID system SHOULD authenticate its peers via a PKI as detailed
in Section 9.3 of [I-D.ietf-mile-rfc6045-bis].
Would this address the concern?
Let me check.
So the text in rfc6045bis seems to suggest that all server certificates will be
verified based on some prior arrangement. Is my understanding correct?
Yes; in essence, a RID consortium is "closed".
I think that this approach is unwise, because this wouldn't scale. But
if nobody else see a problem with this, I will let it go.
_______________________________________________
Gen-art mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/gen-art
