One benefit would be a secure, automatic exchanges without cleartext authentication. Tony
|I wonder what the benefit would be? (I can't parse "somewhat |protected") | |We need no encryption on the channel, as all the published |information is |public. The objects themselves (manifests, certs, CRLs, ROAs, ...) are |signed so you can catch tampering. Finally, the existence of manifest |provides source authentication. So there does not seem to be |any advantages |for this. | |OTOH, you *would* have to incorporate a completely separate |PKI in order to |authenticate hosts (potentially thousands of them). _______________________________________________ Sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
