[345] in Zephyr Mailing List
Re: should we submit zephyr?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Mon Aug 23 17:27:35 1999
Message-Id: <199908232127.RAA21523@small-gods.mit.edu>
To: Derrick J Brashear <shadow@dementia.org>
Cc: zephyr@MIT.EDU
In-Reply-To: Your message of "Mon, 23 Aug 1999 16:25:14 EDT."
<ML-1.3.2.935439914.5758.shadow@johnstown.andrew.cmu.edu>
Date: Mon, 23 Aug 1999 17:27:18 -0400
From: Greg Hudson <ghudson@MIT.EDU>
> As long as a) I don't have to create a public-key infrastructure for
> my userbase which would essentially give me nothing over the
> Kerberos infrastructure I already have and b) said refusal does not
> lock us out of communication with "the rest of the world", I'm
> happy. Please say you're pushing to this end?
We haven't really discussed options for security (all we've done at
this point is requirements, which are in last call; see
http://www.ietf.org/internet-drafts/draft-ietf-impp-reqts-02.txt and
also -model-01.txt). I doubt the working group will want to specify a
new key infrastructure for this application, and I doubt it will want
to force everyone to adopt an existing one before they can use IMPP.
So I expect it will be easy and commonplace to communicate insecurely,
which gives you what you said you want.
