Re: [saag] Whether TOFU should be considered in secure DHCPv6?

ietf

Re: [saag] Whether TOFU should be considered in secure DHCPv6?

2016-08-31 21:46:34

On Aug 31, 2016, at 9:42 PM, Randy Bush <randy(_at_)psg(_dot_)com> wrote:

what is authenticated?  tofu and authentication are antithetical.


Except for (allegedly) EV certs, the entire Web PKI runs on TOFU,
except that it happens invisibly (swept under the rug) between the
CA and the purported domain owner.

Thus DV certs are TOFU for public consumption, where the CA gets
to regurgitate the same TOFU to feed all the relying parties.

-- 
        Viktor.

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: [saag] Whether TOFU should be considered in secure DHCPv6?, Viktor Dukhovni <= Re: [saag] Whether TOFU should be considered in secure DHCPv6?, Viktor Dukhovni Re: [saag] Whether TOFU should be considered in secure DHCPv6?, Ted Lemon

Previous by Date:	RE: [Pce] Last Call: <draft-ietf-pce-pcep-service-aware-12.txt> (Extensions to the Path Computation Element Communication Protocol (PCEP) to compute service aware Label Switched Path (LSP).) to Proposed Standard, Dhruv Dhody
Next by Date:	Re: [saag] Whether TOFU should be considered in secure DHCPv6?, Viktor Dukhovni
Previous by Thread:	IAB announces IRTF Chair appointment, IAB Chair
Next by Thread:	Re: [saag] Whether TOFU should be considered in secure DHCPv6?, Viktor Dukhovni
Indexes:	[Date] [Thread] [Top] [All Lists]