Re: the way an I-D takes

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



At 06:25 PM 7/23/2002 +0200, Kai Kretschmann wrote:
>what further way goes a submitted and published internet draft after a 
>short period of discussion?

That largely depends on you. If it goes into a working group, it becomes a 
working group document which you might be the editor of or a contributor 
to. If it remains a personal submission, you can ask the IESG to publish it 
as an informational RFC. But yes, if you do nothing, it will age out in time.

Question for you on the content of the draft. What you are proposing is, I 
think, signing web pages as a way to detect when they have been hacked.

You state that the public key needs to come through a third party. I'm not 
sure I buy that. If you have a business relationship, you could transfer 
the public key (in a certificate) during the process of setting it up.

You are concerned about transfer of the key at the time because the hacker 
might substitute a different public key. What I would worry about is the 
system signing dynamic pages on the fly and therefore using its private key 
to sign hacked files. How would you address that?


[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]