On Aug 7, 2008, at 2:12 PM, <[EMAIL PROTECTED]> wrote:
Doesn't *require* a CA, or doesn't *support* CAs?
(BTW, to me, RSA vs. DSA seems totally orthogonal to CA vs. no CA
issue).
Require.
What consenting endpoints do in the privacy of their own SA is no
concern of ours. :)
There's no reason you can't any key-centric system and send the keys
off to a CA to be certified; similarly there's no reason you can't pry
the key out of a certificate and use it in a key-centric system.
(As an aside, DKIM is another key-centric system that defines RSA
only, but similarly does not require certificates.)
Jon
_______________________________________________
Syslog mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/syslog
