[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft Charter

To: Frank Siebenlist <franks@xxxxxxxxxxx>
Subject: Re: Draft Charter
From: Stephen Kent <kent@xxxxxxx>
Date: Mon, 20 Aug 2007 21:26:52 -0400
Cc: Carl Wallace <CWallace@xxxxxxxxxxxx>, ietf-trust-anchor@xxxxxxxx
In-reply-to: <46CA355A.6040704@xxxxxxxxxxx>
List-archive: <http://www.vpnc.org/ietf-trust-anchor/mail-archive/>
List-id: <ietf-trust-anchor.vpnc.org>
List-unsubscribe: <mailto:ietf-trust-anchor-request@vpnc.org?body=unsubscribe>
References: <886F5D4C78AFB14D87261206BFB9612E1D31D6DF@xxxxxxxxxxxxxxxxxxxxx> <> <46CA355A.6040704@xxxxxxxxxxx>
Sender: owner-ietf-trust-anchor@xxxxxxxxxxxxx


At 5:44 PM -0700 8/20/07, Frank Siebenlist wrote:

Why do we need the emphasis on "public key" and "digitally signing" with
respect to trust anchors?

I can think of trust anchors that could be identified through a kerberos
principal name or a DN, and online trust anchors that can be queried for
info over an authenticated tls connection...

-Frank.


Frank,

The notion of trust anchors has been, for the last 15 years or so, apurely public key notion. So yes, I would argue that if we want towork on what it going to be called a trust anchor managementprotocol, it needs to be based on public keys and signaturevalidation. If folks want to do something else, make up a new name,this one is taken :-).


Steve

Follow-Ups:
- Re: Draft Charter
  - From: Paul Hoffman

References:
- RE: Draft Charter
  - From: Carl Wallace
- RE: Draft Charter
  - From: Stephen Kent
- Re: Draft Charter
  - From: Frank Siebenlist

Prev by Date: Re: Draft Charter
Next by Date: Re: Draft Charter
Previous by thread: Re: Draft Charter
Next by thread: Re: Draft Charter
Index(es):
- Date
- Thread