[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [IETF-PKIX] Certificate Directories and Spam
>> If this really is a concern we could include the SHA-1 hash of the email
>> address in the cert rather than the address itself.
>Continue with this line of thinking, and you're liable to end up with
>SPKI. And that wouldn't do at all :-)
As I have said before, SPKI is a great forum to develop new
ideas in PKI without the encumberance of design decisions
made in X.509 that may have been overtaken by events.
Exciting new ideas having been developed the real world
will then roll them out as X.509v3 attributes.
Hallam's law: Any communication format that has both
a dominant established userbase and an extension
mechanism is most likely to remain dominant.
Take a look at Visual Basic which may not be the
prettiest approach to program design but has swallowed
every significant feature of almost every language
imaginable with the exception of simplicity.
I don't think we should be affraid of using ideas just
because they come from the anti-ASN-1 brigade.
I see the SPKI/PKIX divide as essentially reflecting
the separation my Oxford Tutor Tony Hoare proposed
between developing programming language features
and designing a programming language.