Re: [TLS] Please discuss: draft-housley-evidence-extns-00<

Martin Rex <martin.rex@sap.com> Mon, 29 January 2007 20:03 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1HBcjN-0005EL-HJ; Mon, 29 Jan 2007 15:03:57 -0500
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1HBcjM-0005EF-72 for tls@ietf.org; Mon, 29 Jan 2007 15:03:56 -0500
Received: from smtpde02.sap-ag.de ([155.56.68.170]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1HBcjK-0006ak-RS for tls@ietf.org; Mon, 29 Jan 2007 15:03:56 -0500
Received: from sap-ag.de (smtpde02) by smtpde02.sap-ag.de (out) with ESMTP id VAA10186; Mon, 29 Jan 2007 21:03:47 +0100 (MEZ)
From: Martin Rex <martin.rex@sap.com>
Message-Id: <200701292003.VAA15960@uw1048.wdf.sap.corp>
Subject: Re: [TLS] Please discuss: draft-housley-evidence-extns-00<
To: home_pw@msn.com
Date: Mon, 29 Jan 2007 21:03:47 +0100
In-Reply-To: <BAY126-DAV19437672566CEEAE2D22B92A70@phx.gbl> from "home_pw@msn.com" at Jan 29, 7 10:28:32 am
MIME-Version: 1.0
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 8bit
X-SAP: out
X-SAP: out
X-Spam-Score: 0.0 (/)
X-Scan-Signature: b19722fc8d3865b147c75ae2495625f2
Cc: tls@ietf.org
X-BeenThere: tls@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
Reply-To: martin.rex@sap.com
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/tls>
List-Post: <mailto:tls@lists.ietf.org>
List-Help: <mailto:tls-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@lists.ietf.org?subject=subscribe>
Errors-To: tls-bounces@lists.ietf.org

home_pw@msn.com wrote:
> 
> We cannot stop the experimenting. And should not try. Yes, 
> there are lots of hidden agendas. What's new? They didn't 
> stop us transforming PEM into the full spectrum key 
> management world(s) that SSL now enjoys, did they?

But that is very far from what really happened.

The IETF didn't transform PEM into PKI.  SPKI was an IETF approach,
but it seemed to have died down (OpenPGP and SSH do their own formats).

What happened was that after the OSI communication protocols had
failed miserably in the marketplace, many of the participants of
the OSI/ISO standards organization started staffing IETF working
groups with pretty complete proposals (X.509, SSL, S/MIME)
and tried to prevent the IETF from killing more of their existing
work as well.

A lot of stuff in PKI X.509 is complex bloat and burden, and impairs
interoperability for political or business model purposes, and not
for its technical merit.

One of the cumbersome legacy problems resulting from this approach is
X.500 distinguished names, which are equally unusable for humans
and software.

The XMLsig guys seemed to have realized that problem too far down the road
(stringified distinguished names may be pretty to look at, but close to a
dead-end road for further PKI processing), so the SubjectKeyIdentifiers
had to be invented and retrofitted later.

-Martin
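The last point of the message, that stringified distinguished names are a poor handle for PKI processing and that key identifiers were added to fill the gap, can be made concrete with a small example. The code below is an added illustration, not part of Martin Rex's message or of any IETF document. It uses only the Python standard library: a DN comparison that applies an approximation of the X.500 caseIgnoreMatch rule (RFC 4518 string preparation: case folding and whitespace collapsing), beside the RFC 5280 section 4.2.1.2 method (1) SubjectKeyIdentifier, computed as SHA-1 over the subjectPublicKey BIT STRING contents of a SubjectPublicKeyInfo. The DN strings, the candidate issuer records and the 64-byte "key" are constructed dummies (no real RSA key is involved); the tiny DER encoder and decoder are written here for the example and are not a general ASN.1 library.

```python
import hashlib
import re

# ---- X.500 distinguished names compared as strings ----------------------

def parse_dn(dn):
    """Split an RFC 4514-style string ("CN=Foo, O=Bar Inc") into
    [(type, value), ...]. Only the escaped-comma case is handled here."""
    rdns = []
    for part in re.split(r'(?<!\\),', dn):
        attr, _, value = part.partition('=')
        rdns.append((attr.strip(), value.replace('\\,', ',')))
    return rdns

def normalize_value(value):
    """Approximation of caseIgnoreMatch / RFC 4518 string preparation:
    case folding, trim, and collapse of internal whitespace."""
    return ' '.join(value.casefold().split())

def dn_equal(a, b):
    """Compare two DNs under the matching rules rather than byte-for-byte.
    Attribute types are case-insensitive; RDN order stays significant."""
    ra, rb = parse_dn(a), parse_dn(b)
    if len(ra) != len(rb):
        return False
    return all(ta.casefold() == tb.casefold()
               and normalize_value(va) == normalize_value(vb)
               for (ta, va), (tb, vb) in zip(ra, rb))

# ---- SubjectKeyIdentifier from a SubjectPublicKeyInfo --------------------

def der_tlv(tag, content):
    """Minimal DER encoder: one tag byte, definite length, content."""
    n = len(content)
    if n < 0x80:
        length = bytes([n])
    else:
        lb = n.to_bytes((n.bit_length() + 7) // 8, 'big')
        length = bytes([0x80 | len(lb)]) + lb
    return bytes([tag]) + length + content

def der_read_tlv(buf, offset):
    """Decode one TLV at offset; return (tag, content, next_offset)."""
    tag, first = buf[offset], buf[offset + 1]
    if first < 0x80:
        length, pos = first, offset + 2
    else:
        nbytes = first & 0x7F
        length = int.from_bytes(buf[offset + 2:offset + 2 + nbytes], 'big')
        pos = offset + 2 + nbytes
    return tag, buf[pos:pos + length], pos + length

RSA_ENCRYPTION_OID = bytes.fromhex('2a864886f70d010101')  # 1.2.840.113549.1.1.1

def make_spki(key_bytes):
    """SubjectPublicKeyInfo ::= SEQUENCE { algorithm, subjectPublicKey BIT STRING }.
    key_bytes is whatever the caller supplies; here it is a constructed dummy."""
    algorithm = der_tlv(0x30, der_tlv(0x06, RSA_ENCRYPTION_OID) + der_tlv(0x05, b''))
    subject_public_key = der_tlv(0x03, b'\x00' + key_bytes)  # leading 0 = no unused bits
    return der_tlv(0x30, algorithm + subject_public_key)

def subject_key_identifier(spki_der):
    """RFC 5280 4.2.1.2 method (1): SHA-1 of the BIT STRING value,
    excluding tag, length and the unused-bits octet."""
    tag, seq, _ = der_read_tlv(spki_der, 0)
    assert tag == 0x30, 'expected SEQUENCE'
    _tag, _algorithm, pos = der_read_tlv(seq, 0)
    tag, bitstring, _ = der_read_tlv(seq, pos)
    assert tag == 0x03, 'expected BIT STRING'
    return hashlib.sha1(bitstring[1:]).hexdigest()

# ---- Three ways to locate an issuer among candidate CA certificates ------

def match_by_name(issuer_dn, candidates):
    """Naive: raw string equality on the stringified DN."""
    return [c for c in candidates if c['subject'] == issuer_dn]

def match_by_rules(issuer_dn, candidates):
    """DN equality under the X.500 matching rules."""
    return [c for c in candidates if dn_equal(c['subject'], issuer_dn)]

def match_by_key_id(authority_key_id, candidates):
    """Compare the end entity's AuthorityKeyIdentifier with each candidate's SKI."""
    return [c for c in candidates if subject_key_identifier(c['spki']) == authority_key_id]

# Constructed sample data: one issuer key, its name spelled two ways, plus a decoy.
ISSUER_SPKI = make_spki(bytes(range(1, 65)))          # dummy 64-byte "key"
DECOY_SPKI = make_spki(bytes(range(64, 0, -1)))       # a different dummy key
NAME_ON_LEAF = 'CN=Example Root CA, O=Example  Corp, C=US'
NAME_ON_ROOT = 'cn=example root ca,o=Example Corp,c=US'
NAME_OF_DECOY = 'CN=Example Root CA, O=Example Corp., C=US'   # different O value
CANDIDATES = [
    {'subject': NAME_ON_ROOT, 'spki': ISSUER_SPKI},
    {'subject': NAME_OF_DECOY, 'spki': DECOY_SPKI},
]

if __name__ == '__main__':
    aki = subject_key_identifier(ISSUER_SPKI)
    print('by raw string :', [c['subject'] for c in match_by_name(NAME_ON_LEAF, CANDIDATES)])
    print('by X.500 rules:', [c['subject'] for c in match_by_rules(NAME_ON_LEAF, CANDIDATES)])
    print('by key id     :', [c['subject'] for c in match_by_key_id(aki, CANDIDATES)])
```

Run as a script, the raw-string lookup finds nothing because the leaf's issuer name and the root's subject differ only in letter case and spacing, the rules-based lookup finds the root, and the key-identifier lookup finds it without any name parsing at all. The `dn_equal` helper already omits much of what a complete implementation needs (other escape sequences, multi-valued RDNs, attribute-type OIDs versus short names, UTF8String versus PrintableString encodings), which is the practical reason chain builders prefer AuthorityKeyIdentifier/SubjectKeyIdentifier matching and treat name matching as the fallback.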

_______________________________________________
TLS mailing list
TLS@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls