Strength in Complexity?

Arshad Noor arshad.noor at
Mon Aug 4 15:53:45 EDT 2008

Perry E. Metzger wrote:
> SKMS is vaporware that leaves all
> the hard parts of the specification out.

An open-source implementation has been available for 2 years.
A new version will be available next year that will implement
the current OASIS draft and whatever useful comments the
Public Review of the specification brings.

> I think that comparing the advance SQL made with SKMS seems a bit
> unreasonable.

I was comparing the concept of data-management to key-management,
which is a more appropriate analogy; there is no end-user language
within an SKMS.

WRT comparing SKMS to Kerberos, for 20+ years I've always seen
Kerberos as a network-authentication protocol and perhaps it is my
failing that I couldn't see the possibility of using a flat-head
screwdriver in a Philips-head screw.

Arshad Noor
StrongAuth, Inc.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list