
Re: Outsourced Trust (was Re: Difference between TCPA-Hardware and a smart c: msg#00207

encryption.general

Subject: Re: Outsourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before

Anne & Lynn Wheeler <lynn@xxxxxxxxxx> writes:

>1) x.509 certificates broadcast all over the world attached to every
>transaction were in serious violation of all sorts of privacy issues
>2) certificates were fundamentally designed to address a trust issue in
>offline environments where a modicum of static, stale data was better than
>nothing
>3) offline, certificate oriented static stale processing was a major step
>backward compared to online, timely, dynamic processing.

X.509 certs were designed to solve the problem of authenticating users to the
global X.500 directory. So they're good at what they were designed for
(solving a problem that doesn't exist [0]), and bad at everything else
(solving any other sort of problem).

Peter.

[0] Actually they're adequate at what they were designed for. The original
directory authentication work was really just a bunch of suggestions as to
how you'd do it, ranging from passwords through to certs, and a lot of the
cert stuff was more a set of suggestions than any firm guideline.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@xxxxxxxxxxxx


