[Cryptography] Mutually authenticated TLS
Bill Frantz
frantz at pwpconsult.com
Fri Mar 9 18:29:03 EST 2018
On 3/8/18 at 3:25 PM, nico at cryptonector.com (Nico Williams) wrote:
>Speaking of fresh certs, I think we should just converge on fresh certs
>and to hell with OCSP and CRLs. This necessitates an online CA to
>re-issue certs often, but so what.
This was our conclusion when we did the Simple Public Key
Infrastructure (SPKI) work in the IETF. SPKI certs can't be
revoked. They have to time out.
Cheers - Bill
-----------------------------------------------------------------------
Bill Frantz | Since the IBM Selectric, keyboards have gotten
408-356-8506 | steadily worse. Now we have touchscreen keyboards.
www.pwpconsult.com | Can we make something even worse?
More information about the cryptography
mailing list