From: Charles Lindsey (chl@clw.cs.man.ac.uk)
Date: Mon May 07 2001 - 06:04:03 CDT
In <20010504102239.C20860@main.templetons.com> Brad Templeton <brad@templetons.com> writes:
>On Fri, May 04, 2001 at 10:20:36AM -0400, Bill Davidsen wrote:
>>
>> I don't think standardizing the headers includes setting up a central
>> agency to do the things which really need to be done.
>Of course it doesn't. The task this group was supposed to accomplish was
>to define _how_ to sign an article (including of course a control message),
>and implicit with that are the problems of how to verify that the key which
>signed the article is authorized to do whatever operation the article is
>requesting.
No it is NOT implicit. It is perfectly possible to define a scheme for
signing articles and to leave the question of propagating, storing,
revoking and certifying keys to a later standard. We already discussed
such a scheme extensively on this list 6 months ago, but only stopped it
in order to push ahead with other priorities.
The scheme we were discussing then is still available to be worked on, and
indeed I have recently been preparing a revised draft in between dealing
with current issues on this list.
-- Charles H. Lindsey ---------At Home, doing my own thing------------------------ Tel: +44 161 436 6131 Fax: +44 161 436 6133 Web: http://www.cs.man.ac.uk/~chl Email: chl@clw.cs.man.ac.uk Snail: 5 Clerewood Ave, CHEADLE, SK8 3JU, U.K. PGP: 2C15F1A9 Fingerprint: 73 6D C2 51 93 A0 01 E7 65 E8 64 7E 14 A4 AB A5