On Tue, Sep 24, 2013 at 5:25 PM, Phillip Hallam-Baker <hallam@xxxxxxxxx> wrote:
Looking at the extreme breach of trust by US govt re PRISM, I think it is time to do something we should have done decades ago but were stopped at US Govt request.Lets kill all support for X.400 mail.
Actually, as far as I'm aware, the US and UK government uses of X.400 are being phased out fairly rapidly, so they'd probably support trimming out most of the support from PKIX too.
This is still in use, I know. But looking through the PKIX spec the schema is ten pages long. I count seven pages of garbage that we could kill if we abandoned support for X.400, garbage character sets no longer needed, bogus time formats, etc. etc.Certificates do not need to be as complicated as X.509v3 made them. To work with certificates issued for the Internet, an application needs to support only 20% of the PKIX schema at most.
I'd be interested to see a more concrete proposal. I would offer my apps-oriented viewpoint in the work, too.
Dave.