On 3/4/21 7:52 AM, Nico Williams wrote:
> On Thu, Mar 04, 2021 at 09:57:47AM -0500, Phillip Hallam-Baker wrote:
>> X.509 is really optimized around the totally offline case. And that is a
>> bad choice for many applications. But it does work for some.
>
> No, that's not it.
>
> X.509 tries to minimize online infrastructure, but not to zero.
> In particular, it minimizes *state*.
Um, why should we care about that? Nothing else cares about holding state.
> Now, if you start binding public keys to users via a directory, you'll
> be unhappy because you'll have all the problems directories have, and
> because you might get the schema wrong and allow only one key per user,
> and even if you don't get the schema wrong you'll have a garbage
> collection problem, and even if you manage to solve that with
> expirations then the act of registering new keys is still more complex
> than the act of signing new certificates.
Oh brother. When you start arguing that people might get implementations
wrong, you're grasping at straws. All of the sites that I've used that
allow public key authentication have grokked that there might be more
than one key, like, oh say, GitHub. This is complete nonsense. People
might issue certs for 150 years too.
Mike