[36238] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: What happened to PKCROSS?

daemon@ATHENA.MIT.EDU (Nico Williams)
Tue Jul 1 16:13:10 2014

MIME-Version: 1.0
In-Reply-To: <CAK3OfOgWM87oA5JEeevieDKJ9=C9Uxee-xfhBGnzMx-8tzOMYA@mail.gmail.com>
Date: Tue, 1 Jul 2014 15:12:45 -0500
Message-ID: <CAK3OfOhHnuJFUZGQf-RfLkDusoRexdep2sOjEZva9g81tB=-MQ@mail.gmail.com>
From: Nico Williams <nico@cryptonector.com>
To: Rick van Rein <rick@openfortress.nl>
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu

I'll add that it's really shocking that we don't yet have PKCROSS.
Lack of PKCROSS greatly hurts Kerberos' scalability.

Also, Kerberos w/ PKCROSS is much closer to something like what PKI
should have been: short-lived credentials, no need for revocation
protocols (CRLs, OCSP).

Nico
--
________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[36238] in Kerberos

Re: What happened to PKCROSS?

daemon@ATHENA.MIT.EDU (Nico Williams)Tue Jul 1 16:13:10 2014

daemon@ATHENA.MIT.EDU (Nico Williams)
Tue Jul 1 16:13:10 2014