[8958] in cryptography@c2.net mail archive
Re: Crypographically Strong Software Distribution HOWTO
daemon@ATHENA.MIT.EDU (Rich Salz)
Tue Jul 3 12:49:53 2001
Message-ID: <3B41EF9C.652E7F6E@zolera.com>
Date: Tue, 03 Jul 2001 12:15:24 -0400
From: Rich Salz <rsalz@zolera.com>
MIME-Version: 1.0
To: Ben Laurie <ben@algroup.co.uk>
Cc: "V. Alex Brennen" <vab@cryptnet.net>,
cryptography@wasabisystems.com, ASF Members <members@apache.org>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
> Oh? How? All you are suggesting is that the role key is held by a CA -
> well, who is that going to be, then?
Unh, no. The same way the ASF determines who gets commit access could
be teh same way the ASF determines who their CA will give
release-signing keys to. The same way the ASF takes away someone's
commit access is the same way they could update the CRL.
All those key update, distribution, revocation, etc., stuff -- all those
hard problems you said you want to automate -- go away. Recipients need
only trust the Apache CA and its CRL.
/r$
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@wasabisystems.com
