Re: [TLS] [pkix] (OT) Previous attempt to update OCSP
"Henry B. Hotz" <hotz@jpl.nasa.gov> Thu, 12 August 2010 17:53 UTC
Return-Path: <hotz@jpl.nasa.gov>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B493328C113; Thu, 12 Aug 2010 10:53:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.705
X-Spam-Level:
X-Spam-Status: No, score=-5.705 tagged_above=-999 required=5 tests=[AWL=-0.595, BAYES_05=-1.11, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id L0ACszQ9zz2G; Thu, 12 Aug 2010 10:53:35 -0700 (PDT)
Received: from mail.jpl.nasa.gov (smtp.jpl.nasa.gov [128.149.139.109]) by core3.amsl.com (Postfix) with ESMTP id D2F3828C121; Thu, 12 Aug 2010 10:53:35 -0700 (PDT)
Received: from laphotz.jpl.nasa.gov (laphotz.jpl.nasa.gov [128.149.133.44]) (authenticated (0 bits)) by smtp.jpl.nasa.gov (Switch-3.4.3/Switch-3.4.3) with ESMTP id o7CHsBUq030720 (using TLSv1/SSLv3 with cipher AES128-SHA (128 bits) verified NO); Thu, 12 Aug 2010 10:54:11 -0700
Mime-Version: 1.0 (Apple Message framework v1081)
Content-Type: text/plain; charset="us-ascii"
From: "Henry B. Hotz" <hotz@jpl.nasa.gov>
In-Reply-To: <1281515281.16678.83.camel@mattlaptop2.local>
Date: Thu, 12 Aug 2010 10:54:10 -0700
Content-Transfer-Encoding: quoted-printable
Message-Id: <61A6096C-1FD4-4534-B5A0-7559048FAD0E@jpl.nasa.gov>
References: <4C573E09.1060700@nist.gov> <gcpa57emw0794q0kx3jezwJv4X.penango@mail.gmail.com> <1281515281.16678.83.camel@mattlaptop2.local>
To: Matt McCutchen <matt@mattmccutchen.net>
X-Mailer: Apple Mail (2.1081)
X-Source-IP: laphotz.jpl.nasa.gov [128.149.133.44]
X-Source-Sender: hotz@jpl.nasa.gov
X-AUTH: Authorized
X-Mailman-Approved-At: Thu, 12 Aug 2010 21:59:07 -0700
Cc: "pkix@ietf.org" <pkix@ietf.org>, "tls@ietf.org" <tls@ietf.org>, Kyle Hamilton <aerowolf@gmail.com>
Subject: Re: [TLS] [pkix] (OT) Previous attempt to update OCSP
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 12 Aug 2010 17:53:36 -0000
On Aug 11, 2010, at 1:28 AM, Matt McCutchen wrote: >> (When -- if ever -- is the PKIX WG going to realize that the spec it >> has created has no place on the open Internet, and only has >> appropriate scope to be deployed in a particular administrative domain >> -- and thus is outside of the scope of Internet standards >> organizations? > > Nonsense. With PKIs at the organizational level, standardizing the > technology still means that each organization doesn't have to reinvent > it for themselves (possibly insecurely) and that a user can use the same > client software to interact with many organizations and have it just > work. For that matter, HTTP is only practiced by pairs of machines at a > time. Since (unlike most X.509) most Kerberos service is deployed at the organizational level, can I interpret this as an argument in favor of KX509? ;-) ------------------------------------------------------ The opinions expressed in this message are mine, not those of Caltech, JPL, NASA, or the US Government. Henry.B.Hotz@jpl.nasa.gov, or hbhotz@oxy.edu
- Re: [TLS] [pkix] Previous attempt to update OCSP Kyle Hamilton
- Re: [TLS] [pkix] Previous attempt to update OCSP Kemp, David P.
- Re: [TLS] [pkix] Previous attempt to update OCSP Peter Gutmann
- Re: [TLS] [pkix] Previous attempt to update OCSP Matt McCutchen
- Re: [TLS] [pkix] (OT) Previous attempt to update … Henry B. Hotz