Viktor Dukhovni <openssl-users@xxxxxxxxxxxx> wrote:
> So indeed, you'd not be the first to consider a special-purpose
> concise format. It is somewhat surprising that the applications
> you're considering use X.509 certificates at all, rather than just
I meant to add in my previous email, that the reason to use the PKIX
containers is because we need the identifiers for algorithms and hashes, and
the like so that we can have algorithm agility going forward.
Of course, we could get that from some other format: OpenPGP for instance.
Alas, none are very popular in the greater world. Maybe CWT will win out
where PGP (for keys and signatures) did not... but I don't think the industry
outside of the IETF is ready for that yet. (The IETF is not even ready...)
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] mcr@xxxxxxxxxxxx http://www.sandelman.ca/ | ruby on rails [
Attachment:
signature.asc
Description: PGP signature
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
