On Jan 12, 2008, at 2:17 AM, Peter Gutmann wrote:
Someone recently asked on a security list whether there was a simple way of putting your public key on a web server based on "a set of goals, hopefully sufficiently unambitious, so one knows what one wants to do very precisely. Given those, I suspect a decent spec replacing hundreds of pages of currently 'standard' and useless mechanism could be crafted in about 10 to 30 pages)". My response was "You've just described RFC 4387 :-)". The list reaction was that no-one had known until then that this document even existed, so I'mposting this to a couple of lists where people might find it useful.Don't be mislead by the title (http://www.ietf.org/rfc/ rfc4387.txt), it waspublished under the auspices of PKIX but it's really "a simple, fairlyuniversal means of publishing your public key via HTTP". The CACert folks have set up a Wiki page to cover implementation info, feedback, and comments:http://wiki.cacert.org/wiki/RFC4387.(Please, no religious arguments over this: If you think it's useful, implementit. If not, ignore it).
Peter--Very timely; we were just discussing something essentially like this around my office last week. I see you've got cryptlib support, but are there any other implementations in the pipeline?
-- Tim
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ TLS mailing list TLS@xxxxxxxxxxxxxx https://www1.ietf.org/mailman/listinfo/tls