Re: [pkng] Where to go? What to do?

Massimiliano Pala <Massimiliano.Pala@Dartmouth.edu> Fri, 01 October 2010 19:40 UTC

Hello Stephen,

I totally understand your position, and I partially agree. There's a lot
of interest in the keyassure possible WG, but I think the two are actually
complementary.

The possibility of distributing contents via the DNS is orthogonal to the
issues with PKIs: managing the infrastructures, making the interaction between
infrastructures and clients easier, allowing for easy discovery of federated
PKIs and their services, etc.

These are just examples of the issues we face today and there are a lot more
when considering the usage of PKIs in the "Internet of Things".

Bottom Line: the two groups shall have a collaborative approach rather than
a mutually exclusive one :D

Anyhow, I share with you the lack of spare cycles - at least on my side. I
have a lot of good (well, at least I think they are good) ideas to provide
support for Internet PKIs (and Federated identities).

My (good) ideas in my next post.

Later,
Max


On 09/28/2010 05:26 PM, Stephen Farrell wrote:
>
>
> On 28/09/10 21:22, Paul Hoffman wrote:
>> Please speak up soon if you think that there is interesting work in our charter, and hopefully start threads here with such discussions. If we don't have sufficient interest, we can close the list quietly.
>
> I believe there could be, but that some of the oxygen has been
> sucked out of the room (to keyassure) so I'm no longer sure if
> there's a realistic target for pkng, nor whether there're
> sufficient cycles for doing work. (I'd be happy if my concerns
> are unfounded.)
>
> Assuming keyassure turns into an IETF WG developing some kind
> of way to manage public keys in the DNS, (and offers a reasonable
> potential successor/addition to X.509), I think this group could
> maybe try to look beyond that towards pk systems that might start
> to be deployed in 5+ years after both X.509 and keyassure are
> already out there. But I think we'd have to know where keyassure
> is going before re-scoping the work here.
>
> If keyassure founders, then there's a role for this group
> in understanding why and maybe working towards fixing whatever
> caused the failure. (Assuming the failure is technology
> and not personnel;-)
>
> Bottom line for me for now: let's see what happens with
> keyassure first before we kill or pump up this group. My
> guess is that we won't know until the new year.
>
> S.
>
> PS: I still have that list of things I'd like that I sent to
> this list a long while ago.