Mark Delany wrote:
On Thu, Mar 09, 2006 at 03:09:36PM +0000, Stephen Farrell allegedly wrote:
Right. One even wonders whether this is specification text or simply
non-normative suggestions on possible strategies.
Yes. Hopefully the latter, but I wasn't sure.
> I don't see rfc2821
offering the mechanics on installing an MTA. Do other pub-key related
specs delve into deployment?
Well from memory s/mime and pgp don't but then they don't have the
delegation aspect. Nearest thing to this is maybe the proxy-cert
stuff that the Grid folks did, but they distribute short-lived private
keys in-band so have to care more. PKIX does give us many many ways
to do this (CMP and CMC both specify a slew of options).
Anyway, if anything that's an issue for base, not threats. (Is it
worth raising one so we discus it in Dallas?)
Stephen.
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html