2 Apr 2011 10:44
Re: IETF 80: The future of PKIX certificate enrollment protocols
Stephen Kent <kent <at> bbn.com>
2011-04-02 08:44:14 GMT
2011-04-02 08:44:14 GMT
At 4:50 PM -0600 4/1/11, max pritikin wrote: >I agree with these comments. > >A sufficiently restricted profile of CMP would be an improvement >regarding interoperability but would still be significantly more >complex than simply depending on TLS as a secure transport. > >- max Max, As I noted during the PKIX meeting, one concern about relying on TLS is that most TLS implementations are pretty poor re PKI details. Thus using TLS as a building block for cert issuance will have to be very carefully vetted. Steve _______________________________________________ pkix mailing list pkix <at> ietf.org https://www.ietf.org/mailman/listinfo/pkix
RSS Feed