IETF Logo Mail Archive

Re: [pkix] SCEP vs CMC vs CMP

Paul Hoffman <phoffman@imc.org> Fri, 29 October 2010 01:44 UTC

Return-Path: <phoffman@imc.org>
X-Original-To: pkix@core3.amsl.com
Delivered-To: pkix@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 87E3D3A69DB for <pkix@core3.amsl.com>; Thu, 28 Oct 2010 18:44:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.273
X-Spam-Level:
X-Spam-Status: No, score=-1.273 tagged_above=-999 required=5 tests=[AWL=0.773, BAYES_00=-2.599, HELO_MISMATCH_COM=0.553]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Kl7POyKEwAfL for <pkix@core3.amsl.com>; Thu, 28 Oct 2010 18:44:33 -0700 (PDT)
Received: from hoffman.proper.com (Hoffman.Proper.COM [207.182.41.81]) by core3.amsl.com (Postfix) with ESMTP id 8F42C3A672F for <pkix@ietf.org>; Thu, 28 Oct 2010 18:44:33 -0700 (PDT)
Received: from [10.20.30.150] (75-101-30-90.dsl.dynamic.sonic.net [75.101.30.90]) (authenticated bits=0) by hoffman.proper.com (8.14.4/8.14.3) with ESMTP id o9T1kIQe065956 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 28 Oct 2010 18:46:20 -0700 (MST) (envelope-from phoffman@imc.org)
Mime-Version: 1.0
Message-Id: <p0624080ac8efd7a3b275@[10.20.30.150]>
In-Reply-To: <E1PBdoE-0002Hk-Ei@login01.fos.auckland.ac.nz>
References: <E1PBdoE-0002Hk-Ei@login01.fos.auckland.ac.nz>
Date: Thu, 28 Oct 2010 18:46:17 -0700
To: Peter Gutmann <pgut001@cs.auckland.ac.nz>, alper.yegin@yegin.org, anders.rundgren@telia.com, pkix@ietf.org, tmiller@mitre.org
From: Paul Hoffman <phoffman@imc.org>
Content-Type: text/plain; charset="us-ascii"
Subject: Re: [pkix] SCEP vs CMC vs CMP
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Oct 2010 01:44:34 -0000

At 2:31 PM +1300 10/29/10, Peter Gutmann wrote:
>Paul Hoffman <phoffman@imc.org> writes:
>
>>SCEP is not your answer. It is narrowly limited to IPsec VPN boxes, and a
>>small subset of that market.
>
>Uhh, no it isn't, it was originally designed for that 15?-odd years ago but
>it's used all over the place.  The last time I used SCEP was to provision
>iPhones from a Microsoft Windows server, neither of which are IPsec VPN boxes.

Gaaaah. Thanks for the update. :-(

OK, so you still have three sores, ooozing different-colored (elided).

v2.46.0 | Report a Bug | By Email | System Status