On 3/4/21 11:24 AM, Keith Moore wrote:
On 3/4/21 2:17 PM, Michael Thomas wrote:
My point here isn't to defend how TLS works, it's to say that almost
nothing requires the truly offline verification aspect that x.509
brings to the table.
Emphatically disagree. There are lots of situations requiring "truly
offline" certificate verification.
What? Seriously what? A Mars rover, maybe? And if they truly need
offline verification, fine use X.509. For all the rest it is just so
much more unneeded baggage and confusion.
I can (and have) built a asymmetric key login mechanism that just
puts naked public keys into a user table of a database, for example.
The x.509-first view of the asymmetric keys world has confused a lot
of thinking and had I introduced it to that mechanism it would have
worlds more complex and much harder to understand. Designers should,
dare I say it, be looking at the actual requirements of the system
before settling on a particular solution.
Perhaps you should take your own advice.
I did take my own advice. The result was DKIM. So did the SSH folks
which works just fine on a disconnected network.
Mike
