Re: [woes] Naked Public Key, was: RE: Proposed charter, post-Quebec edition

Phillip Hallam-Baker <hallam@gmail.com> Fri, 05 August 2011 16:10 UTC

On Fri, Aug 5, 2011 at 8:43 AM, Leif Johansson <leifj@mnt.se> wrote:

> On 08/05/2011 02:11 PM, Phillip Hallam-Baker wrote:
> > Support for naked keys is useful.
> >
> > Lack of support for certificates where needed would be unacceptable and
> > render the format unsuited for many of the applications we need it for.
> >
> > Certificates are pretty simple to deal with. The problems that they are
> > used to address are not simple.
>
> I also think you need both. Sometimes you need to use a key for both
> signing and TLS for instance.
>
> >
> > Whatever you thought of the 'Trust Router' proposal made at last IETF, it
> > is certainly no simpler than the PKI based approach and that is before they
> > have put it in operation and found the operational requirements.
>
> I don't think that proposal is targeted for anything that comes even
> remotely close to signed objects. Let's not go there.


Which is exactly what I am arguing for.

If the group decided it is 'only' going to do raw key it would inevitably
end up going there because the problems are going to take it there.

The way to avoid going there is to build on the infrastructure already
designed to go there and let people hook into that infrastructure where it
is useful.


Otherwise we are like the office that decides not to build a loading dock
because handling deliveries of office supplies requires too much manual
effort. If you need the office supplies you are going to be dealing with the
deliveries.

-- 
Website: http://hallambaker.com/