Re: Consensus??: Common Certificate Formats

Brad Knowles (brad@his.com)
Sun, 25 Feb 1996 00:39:44 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Ned Freed: "Re: A brief comparison of email encryption protocols"
Previous message: Brad Knowles: "Re: IMAP vs. multipart/signed"
Maybe in reply to: Dave Crocker: "Consensus??: Common Certificate Formats"

At 9:38 AM 2/24/96, Dave Crocker wrote:

>     At the Resolving Email Security Complexity workshop, the day's
> summary effort to specify points of group rough consensus included
> discussion of certificate formats.  I believe that we did not reach a clear
> conclusion on this point and wanted to raise it for further discussion.
> While it well might not be possible to resolve matters of trust models, it
> does seem worth exploring the possibility of common certfificate formats.

    I am not personally familiar with X.509 certificates, but
its pretty clear that v.1 is not something that I would likely
find acceptable.  I'm not willing yet to give my unqualified
support to X.509v3 certificates (at least, not until I know more
of the details about them), but I'd be inclined to say that they
*might* be suitable as a required minimum.


    IMO, I think we want to raise the bar as high as we
reasonably can with regards to the required minimums, both to
enhance privacy and security as much as possible, as well as to
guarantee interoperability to the greatest extent possible.

        -Brad

Next message: Ned Freed: "Re: A brief comparison of email encryption protocols"
Previous message: Brad Knowles: "Re: IMAP vs. multipart/signed"
Maybe in reply to: Dave Crocker: "Consensus??: Common Certificate Formats"