Multiple roots & E2E PKI trust discovery, chain management & capabilities exchange

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




IETF-ers,

What is the latest state-of-the-art thinking at the IETF about a distributed multiple-root systems for name discovery based on end-to-end peer-to-peer PKI-based trust discovery and trust chain management & properties/capabilities exchange (I can sign you, you can sign me, I can do 4096 bits but you'll only parse 2048, etc.)

Is it permissible to think that this could be an alternative to the DNS at some point in time in the future or does the DNS needs to remain as it is?

I am thinking on figthing on the policy front to force a Tier1C implementation of ENUM with a distributed registry based on the use of registries at the NPA-NXX-XXXX (Co-code) level in Canada while the USA would remain with a flat file per NPA (Tier 1B)

However, there is more generality to my question ... I need a quick rundown of the latest thinking (RFCs, ID's, IESG & IAB directives, IRTF experiments) regarding:

1) distributed multiple roots
2) E2E P2P PKI-based trust discovery and trust chain management
3) capabilities and properties exchange in an E2E PKI environment.

You can tell me to RTFM with reason since I have been out of touch for the last 5 years, and I will not take it personally, but any investment of time and energy into providing me some good warnings of "DO NOT GO THERE" would be very appreciated.

-=Francois=-
--
francois@xxxxxxxxxx
819 692 1383

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]