[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Software for PKI

To: michael@xxxxxxxxxxxx
Subject: Re: Software for PKI
From: Stephen Kent <kent@xxxxxxx>
Date: Thu, 15 Nov 2001 15:14:03 -0500
Cc: ietf-pkix@xxxxxxx
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <> <><> <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

At 1:09 AM +0100 11/14/01, Michael Ströder wrote:

Stephen Kent wrote:

This WG is not responsible for broken implementations.


I disagree. If a standard is very complicated and features are most
times optional it's difficult too implement it correctly and
complete. Therefore the designers of a security standard are IMHO
indeed somewhat responsible for broken implementations.

Ciao, Michael.

Michale,

You are right that the more complex a standard becomes, the harder it is to implement, and thus the more likely to be broken. But, what constitutes a necessary level of complexity, to accommodate a range of legitimate "requirements" vs. what is "excessive complexity" is a matter of judgement.

Steve

Follow-Ups:
- Re: Software for PKI
  - From: Michael Ströder
- RE: Software for PKI
  - From: Max Pritikin

References:
- RE: Software for PKI
  - From: Ryan Hurst
- Re: Software for PKI
  - From: todd glassey
- Re: Software for PKI
  - From: Stephen Kent
- Re: Software for PKI
  - From: Michael Ströder

Prev by Date: RE: signed e-mail [Virus checked]
Next by Date: RE: Software for PKI
Previous by thread: Re: Software for PKI
Next by thread: RE: Software for PKI
Index(es):
- Date
- Thread