Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Leif Johansson <leifj@mnt.se> Fri, 05 August 2011 12:43 UTC

Return-Path: <leifj@mnt.se>
X-Original-To: woes@ietfa.amsl.com
Delivered-To: woes@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B238821F8B00 for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 05:43:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.266
X-Spam-Level:
X-Spam-Status: No, score=-3.266 tagged_above=-999 required=5 tests=[AWL=-0.667, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nHpbXLkF2rij for <woes@ietfa.amsl.com>; Fri, 5 Aug 2011 05:43:21 -0700 (PDT)
Received: from backup-server.nordu.net (backup-server.nordu.net [IPv6:2001:948:4:1::66]) by ietfa.amsl.com (Postfix) with ESMTP id 3E06A21F8AF7 for <woes@ietf.org>; Fri, 5 Aug 2011 05:43:21 -0700 (PDT)
Received: from [192.36.125.212] (dhcp.pilsnet.sunet.se [192.36.125.212]) (authenticated bits=0) by backup-server.nordu.net (8.14.3/8.14.3) with ESMTP id p75ChXIx029730 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <woes@ietf.org>; Fri, 5 Aug 2011 14:43:37 +0200 (CEST)
Message-ID: <4E3BE575.4070707@mnt.se>
Date: Fri, 05 Aug 2011 14:43:33 +0200
From: Leif Johansson <leifj@mnt.se>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.18) Gecko/20110617 Lightning/1.0b2 Thunderbird/3.1.11
MIME-Version: 1.0
To: woes@ietf.org
References: <b9332337-4efa-4355-93a9-7866a5506bb5@default> <CA60EB18.D5CF%joe.hildebrand@webex.com> <CAMm+LwggXXryGuk7gxovPi2FyOpx2UoEc_b0nYGJV=PJ=WXUWw@mail.gmail.com>
In-Reply-To: <CAMm+LwggXXryGuk7gxovPi2FyOpx2UoEc_b0nYGJV=PJ=WXUWw@mail.gmail.com>
X-Enigmail-Version: 1.1.1
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
Subject: Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition
X-BeenThere: woes@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "Web Object Encryption and Signing \(woes\) BOF discussion list" <woes.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/woes>, <mailto:woes-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/woes>
List-Post: <mailto:woes@ietf.org>
List-Help: <mailto:woes-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/woes>, <mailto:woes-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Aug 2011 12:43:26 -0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/05/2011 02:11 PM, Phillip Hallam-Baker wrote:
> Support for naked keys is useful.
> 
> Lack of support for certificates where needed would be unacceptable and
> render the format unsuited for many of the applications we need it for.
> 
> Certificates are pretty simple to deal with. The problems that they are used
> to address are not simple.

I also think you need both. Sometimes you need to use a key for both
signing and TLS for instance.

> 
> Whatever you thought of the 'Trust Router' proposal made at last IETF, it is
> certainly no simpler than the PKI based approach and that is before they
> have put it in operation and found the operational requirements.

I don't think that proposal is targeted for anything that comes even
remotely close to signed objects. Lets not go there.

	Cheers Leif
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk475XUACgkQ8Jx8FtbMZndQEwCeNnyVkj0xpDRhvDuSNSH4/Mig
GH8An3R2UeKcGxUzpZhuUG8/Hakfx5z0
=XbMB
-----END PGP SIGNATURE-----