You would like it to say unique within the Node-ID namespace of the particular overlay?
Bruce On Thu, Feb 25, 2010 at 8:46 AM, neil.young <[email protected]> wrote: > Hi Eric, > > <snip> > In most cases, there's a centralized enrollment authority which doesn't > issue duplicates. > > </snip> > > Yes, I believe your claim for self-signed certs. But a centralized > enrollment server in an overlay which issues certs and guarantees no > duplicates can't always guarantee global uniqueness. It is likely, but not > literally guaranteed. The "globally" claim is what I doubt :) > > Regards > > Eric Rescorla schrieb: > > On Thu, Feb 25, 2010 at 7:32 AM, neil.young <[email protected]> wrote: > > > 3.1 > Each node has a certificate [RFC5280] containing a Node-ID, which is > globally unique > > I'm wondering how you want to ensure global uniqueness. > > > In most cases, there's a centralized enrollment authority which doesn't > issue duplicates. > > In the self-assigned certificate case, the node-id must be a hash of hte > public key so is statistically unique. > > -Ekr > > > _______________________________________________ > P2PSIP mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/p2psip > > _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
