ietf-mailsig

RE: alternate key server mechanisms

2005-07-30 05:39:42

From: Dave Crocker [mailto:dhc(_at_)dcrocker(_dot_)net] 

It is also not clear that it is enforceable in any way other than
developing the entire architecture from the start, which thereby misses
the benefits of starting simply.

Architectures developed incrementally are inevitably piecemeal.

If you are doing the architecture right the system gets simpler as you
add more requirements.

XKMS is capable of doing everything that PKIX does, only it can be
implemented in about 2,000 lines of code rather than 250,000+.

The approach you describe is something I would never ever do; it is the
way to end up with an ad-hoc spec that cannot be extended in practice.

I always consider as many uses as possible, whether in the scope of the
spec or not. 
