-----Original Message-----
From: C. Wegrzyn [mailto:wegrzyn(_at_)garbagedump(_dot_)com]
Seems like a lot of what you get with a cert. This is almost the
approach I took with the design I did. I can tell you it works
and works
well.
Chuck Wegrzyn
Thanks for that. The thing I feel most strongly about concerning this
type of "consent" and/or "identity" mechanism is that certification
mechanism should be open, decentralized, and entirely in the control of
the end users. Unlike certs, which usually require some centralize
authority for a signature, simple shared secrets can be created and
destroyed entirely at the behest of the user groups involved and require
no cost beyond that effort.
(It is possible to have certs signed by some elected member of the
group, or to self sign, or to elect some local authority for the local
COT, however the entire cert discussion tends to add unnecessary
complexity I think.)
_M
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg