Re: KISS for PKIX. (Was: RE: ASN.1 vs XML (used to be RE: I-D ACTION :draft-ietf-pkix-scvp- 00.txt))

[Lynn.Wheeler@xxxxxxxxxxxxx]

another interesting scenerio for RADIUS is that most webservers ship with stubs
for authentication and then sites frequently do roll-your-own userid/password
lookup processes. ... a straight-forward scenerio is to provide a RADIUS
protocol stub for web-servers ... then on an account-by-account basis the ISP
(&/or web operator) can use the same administrative interface for managing
account/userid authentication (for both internet/intranet/extranet
authentication and client-side web authentication).

futhermore ... on an account-by-account basis ... the site/operator then can
choose from a menu of RADIUS supported authentication mechanism at the
account/userid level (and in the straight-forward case, public key registration
is done in the same business process as password registration ... and digital
signature authentication becames a straight-forward alternative/option to
password authentication)