pem-dev

Re: Whither PEM

1994-03-24 01:34:00
As another who has been watching from the sidelines and speaks now wearing
only a hat labeled something like "electronic commerce", I'd like to echo,
underscore and elaborate on some of Scott's comments:

At  8:44 PM 3/23/94 -0500, Scott Bradner wrote:

I'd just as soon see progress on authentication support technologies that can
be deployed with as much speed as possible.

If not sooner.  The lack of a general facility for Internet email
authentication (and privacy) is crippling expanded use for commerce.

There are quite a wide range of
functions that can be fully implemented using bilateral agreements (as most of
the current EDI world seems to work) or the inclusion of extra information in
the record (e.g. a credit card number).

A full, formal trust infrastructure is just dandy.  But like most
infrastructure, it's a bear to create.  Please, please, please remove this
dependency from the rest of the mechanism.  Please allow use of strings that
are already familiar to Internet users.  Please allow pairwise key exchange.
It doesn't scale, but it's trivial to start using.

We have some very consistent experiences in the Internet:  things which are
simple and have few dependencies are easy to understand, easy to build,
easy to deploy and easy to use.  Let's try to learn from that experience.
Make this stuff incrementally deployable.  (And yes, it may well be that
"deployable" is pronounced "deplorable" by the aestheticist
(aesthetistician?) but it works.  An elegant, thorough, undeployed and
unused service is, of course, useless.)

We can't wait much longer.

About this assertion, I'm afraid I need to strongly disagree with Scott.
We can't wait *any* longer.

This service is late.  It has been worked on far too long.  I am pretty
sure that every other example of IETF work that has dragged on this long
has simply failed.  This work certainly is in danger of it, in case no one
has noticed the alternatives cropping up.

Create a separate working group to develop technologies that rely on simple
N-party trust mechanisms.  This group should rely on the identification
processes normally used in the operational Internet, i.e. the FQDN and have as
its primary objective to define things that can be deployed in a short period
of time.

This is the immediate requirement.


Dave


