[145442] in cryptography@c2.net mail archive

Re: A mighty fortress is our PKI, Part II

daemon@ATHENA.MIT.EDU (Ben Laurie)
Wed Jul 28 10:11:14 2010

Date: Wed, 28 Jul 2010 14:38:53 +0100
From: Ben Laurie <ben@links.org>
To: "Perry E. Metzger" <perry@piermont.com>
CC: Peter Gutmann <pgut001@cs.auckland.ac.nz>, cryptography@metzdowd.com
In-Reply-To: <20100728090557.11478687@jabberwock.cb.piermont.com>

On 28/07/2010 14:05, Perry E. Metzger wrote:
> It is not always the case that a dead technology has failed because of
> infeasibility or inapplicability. I'd say that a number of fine
> technologies have failed for other reasons. However, at some point, it
> becomes incumbent upon the proponents of a failed technology to
> either demonstrate that it can be made to work in a clear and
> convincing way, or to abandon it even if, on some level, they are
> certain that it could be made to work if only someone would do it.

To be clear, I am not a proponent of PKI as we know it, and certainly
the current use of PKI to sign software has never delivered any actual
value, and still wouldn't if revocation worked perfectly.

However, using private keys to prove that you are (probably) dealing
with the same entity as yesterday seems like a useful thing to do. And
still needs revocation.

Is there a good replacement for pk for this purpose?

-- 
http://www.apache-ssl.org/ben.html           http://www.links.org/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
