Tom,

It's very difficult to write text that accurately conveys the intent and is yet technically precise. For example, you wrote:

"Without key management at an Internet scale, authentication is often not possible."

An ephemeral DH exchange is a type of key management, and it works at Internet scale. So, what I think you meant to say, when paraphrasing Viktor (who made the same mistake in the I-D), is something like "Authenticated key management at an Internet scale has yet to be achieved."

Later the text says:

"Key management at Internet scale is an incompletely solved problem."

Again, missing the necessary qualifier "authenticated". And later:

The PKIX ([RFC5280]) key management model introduces costs that not all peers are willing to bear and also cannot secure communications when either the reference identity (not defined in the I-D) of the peer is obtained indirectly over an insecure channel or the communicating parties cannot agree on a [root?] certification authority (CA).

This statement is inaccurate. If peers share a common, trusted CA, they can validate one another's certs, whether that CA is a trust anchor ("root CA") in the Web PKI sense or not.

As you may surmise, I avoided reading Viktor's doc. I will do so now, and provide detailed comments during IETF LC, to address these and other issues.

Steve
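As an added illustration of the distinction Steve draws above between key management and *authenticated* key management (example code written for this page, not part of the message or the I-D): an ephemeral DH exchange lets two parties with no prior shared state agree on a key, but because nothing in the exchange binds a public value to an identity, an in-path party that substitutes its own values goes undetected. The group parameters and function names are constructed for the example.

```python
import secrets

# Toy group, constructed for illustration only: 2**127 - 1 is prime but not a
# safe prime, and the generator is unchecked. A real exchange would use a
# standardised group (an RFC 3526 MODP group) or a curve such as X25519.
P = 2**127 - 1
G = 5


def keypair():
    """Fresh ephemeral DH key pair: (private exponent, public value)."""
    x = secrets.randbelow(P - 2) + 1
    return x, pow(G, x, P)


def shared_key(priv, peer_pub):
    """Shared secret from our private exponent and the peer's public value."""
    return pow(peer_pub, priv, P)


def honest_exchange():
    """Two parties with no prior shared state agree on one key: key
    management that needs no CA, registry or pre-shared secret."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    return shared_key(a_priv, b_pub), shared_key(b_priv, a_pub)


def unauthenticated_exchange_with_interposer():
    """Same exchange, but each public value is replaced in transit by a third
    party's own value. Both endpoints still derive a consistent key, just not
    with each other; the missing piece is a trusted binding of the public
    value to an identity (e.g. a certificate chaining to a CA both trust)."""
    a_priv, a_pub = keypair()
    b_priv, b_pub = keypair()
    m_priv, m_pub = keypair()
    return {
        "alice": shared_key(a_priv, m_pub),  # Alice believes m_pub is Bob's
        "bob": shared_key(b_priv, m_pub),    # Bob believes m_pub is Alice's
        "interposer_with_alice": shared_key(m_priv, a_pub),
        "interposer_with_bob": shared_key(m_priv, b_pub),
    }
```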