Re: Comments on draft-ietf-secsh-x509-03

To: Peter Gutmann <pgut001%cs.auckland.ac.nz@localhost>
Subject: Re: Comments on draft-ietf-secsh-x509-03
From: Joseph Galbraith <galb-list%vandyke.com@localhost>
Date: Mon, 20 Mar 2006 09:41:58 -0700

> Overall I think this document should restrict itself to specifying the basic
> formats, and leave cert-processing details and policy issues to things like
> PKIX, who have generated thousands of pages (literally!) of documentation on
> this.  Also, since what's being done here is identical to what TLS has spent
> several years working on, re-using the results of the TLS work would help
> avoid the need to re-work the SSH stuff once people start rediscovering the
> various issues that the TLS folks have already dealt with.

This was our original intent (and if you look at the first couple
of versions of the document, what we did.)

However, it seemed like people wanted more out of the draft.

I'd be really happy to go back to simply describing how
to encode x.509 certificates and signatures in the SSH
protocol and call this draft done.

But-- I guess we need people who care about this to
come out of the woodwork and speak up now about what
the working group wants out of this document.

Thanks,

Joseph

Follow-Ups:
- Re: Comments on draft-ietf-secsh-x509-03
  - From: Peter Gutmann

References:
- Re: Comments on draft-ietf-secsh-x509-03
  - From: Peter Gutmann

Prev by Date: Re: Comments on draft-ietf-secsh-x509-03
Next by Date: draft-ietf-secsh-publicfile must be dealt with this week or it will not be published
Previous by Thread: Re: Comments on draft-ietf-secsh-x509-03
Next by Thread: Re: Comments on draft-ietf-secsh-x509-03
Indexes:

Home | Main Index | Thread Index | Old Index