Five Theses on Security Protocols
Nicolas Williams
Nicolas.Williams at oracle.com
Sat Jul 31 20:28:14 EDT 2010
On Sat, Jul 31, 2010 at 12:32:39PM -0400, Perry E. Metzger wrote:
> 5 Also related to 3, but important in its own right: to quote Ian
> Grigg:
>
> *** There should be one mode, and it should be secure. ***
6. Enrolment must be simple.
I didn't see anything about transitive trust. My rule regarding that:
7. Transitive trust, if used at all, should be used to bootstrap
non-transitive trust (see "enrolment must be simple") or should be
limited to scales where transitive trust is likely to work (e.g.,
corporate scale).
Nico
--
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list