PKI: Only Mostly Dead
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Wed May 29 02:05:17 EDT 2002
"R. A. Hettinga" <rah at shipwright.com> quotes:
>http://www2.cio.com/research/security/edit/a05232002.html
>
>CIO Magazine
>Only Mostly Dead
>By Scott Berinato
>
>[...]
Actually it's not quite that bad. I have a paper "PKI: It's Not Dead, Just
Resting" (no relation to the article, despite the name) which takes a
(hopefully) somewhat detached look at PKI issues and how they can be addressed,
covering (as far as possible within the 15-page limit) the X.509 and PGP
approaches, as well as the other usual suspects like AADS, XML/SAML, SPKI, and
so on, as well as some areas which nothing seems to be doing at the moment -
it's an attempt to do a grand unified view of PKI without ending up with a
whole book. I've also tried to throw in a reasonable amount of historical
perspective to explain why some (mostly X.509) things are done the way they
are. It may or may not appear in ;login, the Usenix journal, at some point,
although I haven't heard anything for awhile. It's available from
http://www.cs.auckland.ac.nz/~pgut001/pubs/notdead.zip (zipped PDF) for anyone
who's interested. I wouldn't link to it at the moment because of its current
in-limbo status, once it's officially published somewhere I'll add a link from
my home page.
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list