Re: [Sip] comments on draft-kupwade-sip-iba-00

Eric Rescorla <ekr@networkresonance.com> Wed, 27 February 2008 17:23 UTC

Return-Path: <sip-bounces@ietf.org>
X-Original-To: ietfarch-sip-archive@core3.amsl.com
Delivered-To: ietfarch-sip-archive@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0E7AD28C9B4; Wed, 27 Feb 2008 09:23:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.341
X-Spam-Level:
X-Spam-Status: No, score=-0.341 tagged_above=-999 required=5 tests=[AWL=0.096, BAYES_00=-2.599, FH_RELAY_NODNS=1.451, HELO_MISMATCH_ORG=0.611, RDNS_NONE=0.1]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id D2hW7+AFX4Zo; Wed, 27 Feb 2008 09:23:41 -0800 (PST)
Received: from core3.amsl.com (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B930828C1F3; Wed, 27 Feb 2008 09:22:21 -0800 (PST)
X-Original-To: sip@core3.amsl.com
Delivered-To: sip@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3C81D3A6C15 for <sip@core3.amsl.com>; Wed, 27 Feb 2008 09:22:20 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WSk0XoGStCFH for <sip@core3.amsl.com>; Wed, 27 Feb 2008 09:22:15 -0800 (PST)
Received: from romeo.rtfm.com (unknown [74.95.2.173]) by core3.amsl.com (Postfix) with ESMTP id CC2EE3A68A6 for <sip@ietf.org>; Wed, 27 Feb 2008 09:17:16 -0800 (PST)
Received: from romeo.rtfm.com (localhost.rtfm.com [127.0.0.1]) by romeo.rtfm.com (Postfix) with ESMTP id 8EAE95081A; Wed, 27 Feb 2008 09:19:01 -0800 (PST)
Date: Wed, 27 Feb 2008 09:19:01 -0800
From: Eric Rescorla <ekr@networkresonance.com>
To: Harsh Kupwade <harsh_smu@yahoo.com>
In-Reply-To: <132324.81291.qm@web65509.mail.ac4.yahoo.com>
References: <20080227170702.5A5C05081A@romeo.rtfm.com> <132324.81291.qm@web65509.mail.ac4.yahoo.com>
User-Agent: Wanderlust/2.14.0 (Africa) Emacs/21.3 Mule/5.0 (SAKAKI)
MIME-Version: 1.0 (generated by SEMI 1.14.6 - "Maruoka")
Message-Id: <20080227171901.8EAE95081A@romeo.rtfm.com>
Cc: sip@ietf.org
Subject: Re: [Sip] comments on draft-kupwade-sip-iba-00
X-BeenThere: sip@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Session Initiation Protocol <sip.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:sip@ietf.org>
List-Help: <mailto:sip-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sip>, <mailto:sip-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: sip-bounces@ietf.org
Errors-To: sip-bounces@ietf.org

At Wed, 27 Feb 2008 09:14:26 -0800 (PST),
Harsh Kupwade wrote:
> 
> [1  <text/plain; iso-8859-1 (8bit)>]
> What if the trust anchors are not complied into your client? Then
> verifying a digital signature is not a trivial problem.
>
>   Cross certificate validation is a challenging issue?

Which is why nobody does it in practice in the private sector.

In any case, I'm not sure why we're having this discusion since
all the same trust issues apply to IBE schemes. The only respect
in which they don't apply to IBE schemes is if you have a single
global KG, but of course you could have a single global CA,
too. It's just that nobody wants to do either.

-Ekr



_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors@cs.columbia.edu for questions on current sip
Use sipping@ietf.org for new developments on the application of sip