New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Simple Public Key Infrastructure Working Group...
Internet-Drafts@...
Dec 1, 1997 9:01 pm
12
New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Simple Public Key Infrastructure Working Group...
Internet-Drafts@...
Dec 1, 1997 9:17 pm
13
As I recall the NTP specified security feature depends on shared secret keys with no specified key distribution mechanism. Donald ... ...
Donald E. Eastlake 3rd
dee@...
Dec 2, 1997 5:09 pm
14
As I recall the NTP specified security feature depends on shared secret keys with no specified key distribution mechanism. Yes, but that isn't the point --...
Steven Bellovin
smb@...
Dec 2, 1997 5:32 pm
15
in various discussions yesterday ... one of the people expanded on the offline vis-a-vis account-authority ... expanding offline to "offline & npr" (npr - no...
Lynn.Wheeler@...
Dec 2, 1997 7:31 pm
16
... Only the developer in me is interested in the encoding differences between ASN.1 users and the rest of us. Mostly I'm interested in the semantic ...
Carl Ellison
cme@...
Dec 3, 1997 1:53 am
17
... I translate that as: the receiver (verifier) has evaluated a certificate loop for the sender (prover) once and derived a certificate result. The verifier...
Carl Ellison
cme@...
Dec 3, 1997 1:51 am
18
... These control functions might need microsecond or better precision. Yes? As one person wrote to me, off the list, it will be a long time before he has...
Carl Ellison
cme@...
Dec 3, 1997 12:02 am
19
... Lynn, thanks for the post. In SPKI terms, model 2 boils down to sending an online-test request line instead of a certificate, since the online test result...
Carl Ellison
cme@...
Dec 3, 1997 1:56 am
20
... I agree. I have been thinking about how to interact with remote process control hardware having done a bit of this in the past. I would send a macro file ...
Vinnie Moscaritolo
vinnie@...
Dec 2, 1997 11:58 pm
21
model 2 ... has receiver of the transaction forwarding the digital signature to the account-authority along with possibly other transaction information for...
Lynn.Wheeler@...
Dec 2, 1997 11:51 pm
22
an account-authority has some characteristics of a certificate authority ... it basically has registered a public key for an account (in much the same way a...
Lynn.Wheeler@...
Dec 2, 1997 11:38 pm
23
... How about Initial Trust Vector (ITV)? Trust Parameter Database (TPD)? Permission Assertion List (PAL)? Ah, the joy of TLAs... Marc ...
Marc Branchaud
marcnarc@...
Dec 3, 1997 1:39 am
24
... Finally found some time to read the latest drafts. Here are some thoughts/comments on Simple Public Key Certificates. 2.3 Name: In the paragraph Letting...
Marc Branchaud
marcnarc@...
Dec 3, 1997 1:48 am
25
On Mon, 1 Dec 1997 Internet-Drafts@... wrote: -> A New Internet-Draft is available from the on-line Internet-Drafts -> directories. This draft is a...
Ed Gerck
egerck@...
Dec 3, 1997 8:34 am
26
... No certificate is required, but the cost is enormous - a central authority is required instead. I may be missing the point here, but what has this model to...
Ben Laurie
ben@...
Dec 3, 1997 5:40 pm
27
... Yes the X.509 standard does not assume such a binding. The assumption is in its philosophy of use, and derived from the X.500 directory, which really had...
Xavier Serret
serret@...
Dec 3, 1997 7:15 pm
28
On Wed, 3 Dec 1997, Xavier Serret wrote: -> > I think that the document has serious flaws and should be ammended, as -> > well as the name SPKI no longer...
Ed Gerck
egerck@...
Dec 3, 1997 5:38 pm
29
no ... the point in the original point is that a large number of account-authorities already exist ... which add a field to the current account record for...
Lynn.Wheeler@...
Dec 3, 1997 4:53 pm
30
... Agreed. If you need a millisecond or microsecond resolution, you're probably going to be doing a large number of operations, so you can use SPKI to...
Bill Stewart
stewarts@...
Dec 4, 1997 12:49 am
31
... This does not necessarily apply to anyone using PKIX (recognizing that you *did* mention X.509 and not PKIX), and I am posting this as many blindly equate...
Patrick C. Richard
patr@...
Dec 4, 1997 7:32 am
32
... In Subj: Re: I-D ACTION:draft-ietf-spki-cert-theory-00.txt ... I am pressed for time right now, but let me address this one point since it is central to...
Carl Ellison
cme@...
Dec 4, 1997 6:22 pm
33
On Thu, 4 Dec 1997, Carl Ellison wrote: -> -----BEGIN PGP SIGNED MESSAGE----- -> -> In Subj: Re: I-D ACTION:draft-ietf-spki-cert-theory-00.txt -> At 09:38 AM...
Ed Gerck
egerck@...
Dec 4, 1997 10:55 pm
34
Hi all, I want to propose the consideration of using a certified NTP timestamp as the basis of a portable trust model and nonreputiead network timing. We and...
Todd Glassey
Todd.Glassey@...
Dec 4, 1997 5:40 pm
35
On Thu, 4 Dec 1997, Bob Jueneman wrote: -> Patrick, -> > -> >>>> "Patrick C. Richard" <patr@...> 12/04 12:32 AM >>> -> >Ed Gerck wrote: -> >> -> >> As to...
Ed Gerck
egerck@...
Dec 5, 1997 1:35 am
36
Patrick, ... Actually, this isn't correct, since in PKIX the DN is optional, and may be an empty sequence. (Although in that case one or more subjectAltName ...
Bob Jueneman
BJUENEMAN@...
Dec 4, 1997 7:17 pm
37
... Seems to me that biometrics are all well and good, except that you have the fundamental bootstrap problem of securely associating the biometric with the...
Bill Buffam
bjb@...
Dec 5, 1997 1:01 am
38
On Thu, 4 Dec 1997, Bill Buffam wrote: -> Ed Gerck wrote: -> > -> > -> > My fingerprint, retina scan and DNA sequence and are three examples of -> > global...
Ed Gerck
egerck@...
Dec 5, 1997 3:18 pm
39
... The problem with the global name is not the name itself, but the difficulty of correctly associating it with the proper actor. Given that you can do this,...
Bill Buffam
bjb@...
Dec 5, 1997 7:01 pm
40
New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Simple Public Key Infrastructure Working Group ...
