[14395] in cryptography@c2.net mail archive
Re: how simple is SSL? (Re: Monoculture)
daemon@ATHENA.MIT.EDU (Anne & Lynn Wheeler)
Wed Oct 1 18:33:01 2003
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Wed, 01 Oct 2003 16:18:10 -0600
To: Adam Back <adam@cypherspace.org>
From: Anne & Lynn Wheeler <lynn@garlic.com>
Cc: Eric Rescorla <ekr@rtfm.com>, Don Davis <don@mit.edu>,
"cryptography@metzdowd.com" <cryptography@metzdowd.com>,
Adam Back <adam@cypherspace.org>
In-Reply-To: <20031001212131.GA23565@dual.cypherspace.org>
At 02:21 PM 10/1/2003 -0700, Adam Back wrote:
>Maybe but X.509 certificates, ASN.1 and X.500 naming, ASN.1 string
>types ambiguities inherited from PKIX specs are hardly what one could
>reasonably calls simple. There was no reason SSL couldn't have used
>for example SSH key formats or something that is simple. If one reads
>the SSL rfcs it's relatively clear what the formats are the state
>stuff is a little funky, but ok, and then there's a big call out to a
>for-pay ITU standard which references half a dozen other for-pay ITU
>standards. Hardly compatible with IETF doctrines on open standards
>you would think (though this is a side-track).
some related recent thread from comp.ssecurity.ssh n.g. (somewhat my
standard harping about confusing the technology of digital signatures and
the business issues of PKI and certificates):
http://www.garlic.com/~lynn/2003m.html#55 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#49 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#51 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#52 public key vs passwd authentication?
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
