[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Embedded certificate image

To: Stefan Santesson <stefan@xxxxxxxxxxx>
Subject: Re: Embedded certificate image
From: "Timothy J. Miller" <tmiller@xxxxxxxxx>
Date: Thu, 30 Jul 2009 10:32:59 -0500
Cc: ietf-pkix <ietf-pkix@xxxxxxx>
In-reply-to: <C6977E38.3A4E%stefan@xxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <C6977E38.3A4E%stefan@xxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Thunderbird 2.0.0.21 (Windows/20090302)

Stefan Santesson wrote:

However, I can't escape that it feels a bit warped if we abandon useful
features because we must design protocols to resist weak hashes instead of
making sure that we can and do use adequate hash algorithms.

It's a risk-management decision, in the end. The question is, whoserisk is it? The protocol designer's, or the end user's?

On the second point, the data in both SVG and PDF/A are highly structured.
SVG is for example an XML based vector graphic language.

I can bury arbitrary amounts of unstructured data in both SVG and PDF/A.SVG allows the same RFC2397 data URLs that you were discussingpreviously, and you can embed fonts in both PDF/A (it's actuallyrequired) and SVG. :)


-- Tim

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- Re: Embedded certificate image
  - From: Stefan Santesson

References:
- Re: Embedded certificate image
  - From: Stefan Santesson

Prev by Date: Re: Embedded certificate image
Next by Date: Re: Embedded certificate image
Previous by thread: Re: Embedded certificate image
Next by thread: Re: Embedded certificate image
Index(es):
- Date
- Thread