Re: PKI is weakly secure (was Re: Updating the rules?)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 




On Jul 10, 2007, at 1:51 PM, Stephen Kent wrote:

At 1:13 PM -0700 7/10/07, Douglas Otis wrote:
On Jul 8, 2007, at 10:34 PM, Eliot Lear wrote:

This can be said of any technology that is poorly managed.

So, you merely believe that the infrastructure of PKI is well managed.

In all but a single instance I have no evidence to the contrary. The one case of an exploit was extremely well publicized and ameliorated within days. And that was years ago.

Trust Models.

Once a CA is vetted, it can be leveraged as a point of trust. The trust is of an association with a URL validated by the certificate.

your reference to a URL is a very specialized (not generic) description of how one might interpret the security services associated with a CA.

Agreed. I should have could be of an association with... The intent was to relate this to DKIM, which of course is even more specialized.

-Doug

_______________________________________________

Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]