It seems that the cryptographic literature needs to be rewritten now ...
==
Anything you can do with a cert, you can do with raw public keys, and
you don't need CA's. See RFC4871 for an example.
On 9/18/2014 11:36 AM, Michael Thomas wrote:
On 09/18/2014 08:31 AM, Markus Stenberg wrote:
whether your authorization policy is leap of faithy, or strict ’these
are the authorized CAs/individual certs’, there is no way to express
same things with raw public keys (or you wind up with new X509, which
is in nobody’s best interest).
Mike
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
--
email: [email protected] | Skype: rstruik
cell: +1 (647) 867-5658 | US: +1 (415) 690-7363
_______________________________________________
homenet mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/homenet
