[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: draft-ietf-pkix-scvp-32.txt

To: "Anders Rundgren" <anders.rundgren@xxxxxxxxx>
Subject: Re: draft-ietf-pkix-scvp-32.txt
From: Stephen Kent <kent@xxxxxxx>
Date: Mon, 9 Jul 2007 10:30:02 -0400
Cc: "David A. Cooper" <david.cooper@xxxxxxxx>, "pkix" <ietf-pkix@xxxxxxx>
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <468EB15C.4000103@xxxxxxxx> <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Title: Re: draft-ietf-pkix-scvp-32.txt

At 4:36 PM +0200 7/7/07, Anders Rundgren wrote:

Although probably not NIST's intentions with SCVP, I would not be surprised if SCVP long-term will put the final nail in the Bridge CA coffin.

Off-loaded validation is a MUCH better concept since it is fully dynamic, allows arbitrary granularity down to individual EE certificates, and most of all does not rely on a centrally funded/trusted "über-CA". In fact, a successful rollout of SCVP will probably eliminate most other uses of cross-certification as well.

Anders

David asked a question about HTTP use in SCVP, for which this is NOT an answer.

Try to keep on topic.

Steve

References:
- draft-ietf-pkix-scvp-32.txt
  - From: David A. Cooper
- Re: draft-ietf-pkix-scvp-32.txt
  - From: Anders Rundgren

Prev by Date: PKI Disaster Recovery and Key Rollover
Next by Date: Olny this 5 days special price on pharma for you dear customer
Previous by thread: RE: draft-ietf-pkix-scvp-32.txt
Next by thread: Re: draft-ietf-pkix-scvp-32.txt
Index(es):
- Date
- Thread