how simple is SSL? (Re: Monoculture)
Anne & Lynn Wheeler
lynn at garlic.com
Wed Oct 1 18:18:10 EDT 2003
At 02:21 PM 10/1/2003 -0700, Adam Back wrote:
>Maybe but X.509 certificates, ASN.1 and X.500 naming, ASN.1 string
>types ambiguities inherited from PKIX specs are hardly what one could
>reasonably calls simple. There was no reason SSL couldn't have used
>for example SSH key formats or something that is simple. If one reads
>the SSL rfcs it's relatively clear what the formats are the state
>stuff is a little funky, but ok, and then there's a big call out to a
>for-pay ITU standard which references half a dozen other for-pay ITU
>standards. Hardly compatible with IETF doctrines on open standards
>you would think (though this is a side-track).
some related recent thread from comp.ssecurity.ssh n.g. (somewhat my
standard harping about confusing the technology of digital signatures and
the business issues of PKI and certificates):
http://www.garlic.com/~lynn/2003m.html#55 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#49 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#51 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003m.html#52 public key vs passwd authentication?
--
Anne & Lynn Wheeler http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list