[TLS] Re: Public-key distribution via HTTP

["Timothy J. Miller" <tmiller at mitre.org>]

On Jan 12, 2008, at 2:17 AM, Peter Gutmann wrote:

> Someone recently asked on a security list whether there was a  
> simple way of
> putting your public key on a web server based on "a set of goals,  
> hopefully
> sufficiently unambitious, so one knows what one wants to do very  
> precisely.
> Given those, I suspect a decent spec replacing hundreds of pages of  
> currently
> 'standard' and useless mechanism could be crafted in about 10 to 30  
> pages)".
> My response was "You've just described RFC 4387 :-)".  The list  
> reaction was
> that no-one had known until then that this document even existed,  
> so I'm
> posting this to a couple of lists where people might find it useful.
>
> Don't be mislead by the title (http://www.ietf.org/rfc/ 
> rfc4387.txt), it was
> published under the auspices of PKIX but it's really "a simple, fairly
> universal means of publishing your public key via HTTP".  The  
> CACert folks
> have set up a Wiki page to cover implementation info, feedback, and  
> comments:
> http://wiki.cacert.org/wiki/RFC4387.
>
> (Please, no religious arguments over this: If you think it's  
> useful, implement
> it.  If not, ignore it).

Peter--

Very timely; we were just discussing something essentially like this  
around my office last week.  I see you've got cryptlib support, but  
are there any other implementations in the pipeline?

-- Tim

Attachment: smime.p7s
Description: S/MIME cryptographic signature

_______________________________________________
TLS mailing list
TLS at lists.ietf.org
https://www1.ietf.org/mailman/listinfo/tls