On Thu, 7 Oct 2004, James M Galvin wrote:
> Does the silence mean that the model I've proposed below is right? Or
> are folks still just thinking about it?

Did you not see my message stating that your model has equivalent security
to CSV? Cryptography (such as TLS) is not necessary for hop-by-hop
authentication.
In fact TLS is not sufficient either, because the lack of checking in the
deployed base is an impediment to using it for site-to-site
authentication. There is also the problem of the expensive and unwieldy
PKI. (We just spent about $3000 for our annual certificate renewal, and
we are not looking forward to finding a cheaper supplier and
authenticating a 795-year-old organization to them).
William Leibzon, Jim Fenton, and I all disagreed that signatures should be
removed after verification.
The whole point of MASS is that it is not hop-by-hop.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
FISHER GERMAN BIGHT: SOUTHWEST 6 OR 7 VEERING NORTHWEST 4 OR 5. SHOWERS. GOOD.