On 5/20/25 11:25 AM, Tom Beecher wrote:
>> Unless you're willing to say that whatever is doing the
>> authz/policy is *offline* -- ie, can't look that policy up in real
>> time -- this can all be done using normal online mechanisms. That
>> is, "server, is this identity allowed to do this or that?" in
>> your example.
>>
>> I'm not arguing that it doesn't work as stated. I'm arguing that
>> they bring a tremendous amount of cert baggage -- business models,
>> enrollment, revocation, etc, etc -- that is really hard to justify
>> under any normal circumstance. Asymmetric keying unfortunately
>> involves way too many people thinking that once they are involved,
>> certs are necessary. It need not be, and in fact the vast majority
>> of cases would be greatly simplified by just getting rid of certs
>> entirely, even the basic name/identity binding they provide.
>
> I don't entirely disagree with that perspective. Lots of merit to it.
> I think most of my responses have been directed towards those who seem
> to be *disagreeing* with the 'this is how it works' bits.
Yeah, there were other parts of this thread that I didn't comment on
that seemed wrong-headed too (not you, iirc). Probably just as well :)

Suffice it to say, I pretty much agree with Eliot's assessment of
"mishmash" re: authn/authz.
Mike
_______________________________________________
NANOG mailing list
https://lists.nanog.org/archives/list/nanog@lists.nanog.org/message/BPKZGRXJQESG6VMOZDP57M3HZ6BGVVS6/