> [Rainer] Hi all,
> 
> I did a cross-check today between the two drafts. Both require
> certificates. Syslog-sign actually includes distribution policies in
> section 5. There is a huge difference between the ways certificates are
> handled in both drafts.
> 
> Implementing both will at least require duplicate/different code for
> like tasks. Same goes for the administration. I have not yet a solution
> proposal, but I would like to make the WG aware of this fact.
> 
> What are your thoughts?
> 

[RJHorn]

To some degree you are describing the present state of implementation for 
certificate and key management.  It's a mess.

I expect that in the end this will generalize into:

 - For each different application purpose (browsing, signing, prescribing, 
logging, payments, ...) there will be stores for
   - Private key information (used locally to sign, etc.)
   - Trusted individual certificates (e.g., self-signed but not restricted 
to self-signed)
   - Trusted signing certificates
   - Anchors of Trust

With luck there will emerge common maintenance methods, but they sure 
aren't there now.  For each browser I've got a different maintenance 
method for trusted signers, trusted individual certificates, and private 
key information.  I don't have any browsers that actually manage using an 
anchor of trust.  And that is for the single application purpose of 
browsing.  The browsers are all different.

The nature and meanings of trust are dependent on the application purpose, 
so you should not have a single store.  We will always need a way 
to have different stores for different purposes. Meanwhile, we struggle 
with every implementation having different maintenance methods.  At least 
they agree on the PKCS format for exchanging these elements.  I don't see 
syslog as the proper venue for doing more than defining use cases for 
this.  Longer term, I hope that a common agreement emerges on how to name 
and organize these stores so that common maintenance can be implemented.

For the specifics of sign vs transport, is there an application difference 
between being an authenticated sender of messages, and being an 
authenticated signer of messages?  I think that there is, so they do need 
to be separate stores.  I haven't looked at the details of functionality 
required by sign because I haven't had any real uses yet for signing the 
messages.  The differences should be reducible to using different stores 
for key and certificate information, and performing different operations 
(e.g., signing) on the messages.


_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
