Five Theses on Security Protocols

Nicolas Williams Nicolas.Williams at oracle.com
Sat Jul 31 20:28:14 EDT 2010


On Sat, Jul 31, 2010 at 12:32:39PM -0400, Perry E. Metzger wrote:
> 5 Also related to 3, but important in its own right: to quote Ian
>   Grigg:
> 
>     *** There should be one mode, and it should be secure. ***

6. Enrolment must be simple.

I didn't see anything about transitive trust.  My rule regarding that:

7. Transitive trust, if used at all, should be used to bootstrap
   non-transitive trust (see "enrolment must be simple") or should be
   limited to scales where transitive trust is likely to work (e.g.,
   corporate scale).

Nico
-- 

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list