Security services and protection mechanisms IPv6 promises regarding IPSec Certification infrastructure Standardization update Case Studies: ISPs, carriers,...
Peter Lewis
peter.lewis@...
Oct 4, 1999 2:40 pm
820
... Hash: SHA1 ... Niels, if we were to specify UTF-8 as the string encoding (or anything else) and you decided locally to do use Latin-1, you could still use...
Carl Ellison
cme@...
Oct 9, 1999 9:31 pm
821
... Hash: SHA1 ... Niels, I asked the person at W3C who is dealing with this for them for his recommendation and he recommended C. I will try to find his...
Carl Ellison
cme@...
Oct 9, 1999 9:31 pm
822
... Hash: SHA1 ... Matt, this permits us not to be fooled, but it still creates false negatives. We end up with code from different sources whose certificates...
Carl Ellison
cme@...
Oct 9, 1999 9:31 pm
823
... Wouldn't it be good enough to RECOMMEND that utf-8 (with some additional rules for canonicalization) be used for names and other text intended to be...
Niels Möller
nisse@...
Oct 10, 1999 5:45 pm
824
... Aside from noting the vicious hypocrisy of the Clinton administration saying they support the 11th Ammendment, I've also decided that the bill mentioned in...
Robert Hettinga
rah@...
Oct 19, 1999 5:12 pm
825
... Except, of course, that I'm not the author, and, more to the point, I'm certainly *not* remunerated for my opinion of Brands' book, which is, even more to...
Robert Hettinga
rah@...
Oct 19, 1999 7:13 pm
826
At 2:27 PM -0400 on 10/19/99, Somebody, at the head end of a long ... Cheers, RAH ... Robert A. Hettinga <mailto: rah@...> The Internet Bearer...
Robert Hettinga
rah@...
Oct 19, 1999 9:29 pm
827
... Cha-ching. We'll just have to see if there's enough demand to publish it over here before people with, um, elastic demand curves, can get it that way. ...
Robert Hettinga
rah@...
Oct 20, 1999 5:41 am
828
... The lack of bearer microcash? :-). Once again, the cobbler's children have no shoes... Cheers, RAH ... Robert A. Hettinga <mailto: rah@...> The...
Robert Hettinga
rah@...
Oct 20, 1999 5:41 am
829
... Outstanding. Leave it to fatbrain to have a clue. Maybe they can make a deal with Stefan for his remaining copies, and, if enough orders back up, get...
Robert Hettinga
rah@...
Oct 20, 1999 6:02 am
830
... Sure. There are, however, other ways. IF the seller had been set up to accept credit cards all would have been OK, no bank charges to speak of (except 2%...
Nilsphone@...
Oct 20, 1999 2:46 pm
831
... Hash: SHA1 ... This needs to include names. ... Niels, as long as we do #3 on your list, and note that a "standard" implementation will treat a text string...
Carl Ellison
cme@...
Oct 20, 1999 4:42 pm
832
... Why? My reason for requiring tags and bignums not to use display types was that an spki application must be able to decode and *understand* those...
Niels Möller
nisse@...
Oct 21, 1999 10:50 am
833
... Hash: SHA1 In computational effect, an authorization certificate (permission,key) is equivalent to a pair of certificates: attribute...
Carl Ellison
cme@...
Oct 28, 1999 6:46 am
834
List, ... <reval>:: "(" "reval" <version>? <subj-hash> <reval-body> ")" <subj-hash>:: "(" "cert" <hash> ")" This construct specifies the hash of the current...
JoanMa Mas Ribés
mas@...
Oct 28, 1999 7:07 pm
835
... Hash: SHA1 I think you're correct and will plan to edit accordingly, unless I hear protest to the contrary. - Carl ... Version: PGP 6.5.2fc7 ...
Carl Ellison
cme@...
Oct 29, 1999 6:22 am
836
If you haven't seen this, you should. They discuss SPKI at length. Cheers, RAH (The fact that it was submitted to FC00 has nothing to do with it. That's *my*...
Robert Hettinga
rah@...
Nov 1, 1999 5:02 am
837
I thought I had asked the list about this earlier, but searching through my archive I couldn't find anything relevant. I'm trying to figure out how hostkeys...
Niels Möller
nisse@...
Nov 8, 1999 7:35 pm
838
... The quick answer would be "as anything else", but that's a bit naïve. Here's how I see this - I'm sure some of you will object to the presentation. ... ...
Camillo Särs
Camillo.Sars@...
Nov 9, 1999 9:55 am
839
X509 views certs as identification cards. SDSI views certs as membership cards. SPKI views certs as authorization letters. I argue that each of these views is...
Wei Dai
weidai@...
Nov 13, 1999 12:37 am
840
... Hash: SHA1 ... The envisioned solution isn't anywhere near that complex. Each person who has permission to delegate also has the full cert chain (from the...
Carl Ellison
cme@...
Nov 13, 1999 2:36 am
841
... For now, I'll only do the simplest case. ACL -> Server_X_Key. Naturally, the server has to prove possession of the corresponding private key. ... I'm not...
Niels Möller
nisse@...
Nov 15, 1999 6:27 pm
842
... One of my constant assertions has been that authentication is just one (not-so-)special case of authorization: the right to be known by a name. It...
Brian M. Thomas
bt0008@...
Nov 15, 1999 10:36 pm
843
... Such a collection would be worrisome to someone who is concerned about Carl's notion of using certificates for dossier-building. ... I tend to follow a...
Brian M. Thomas
bt0008@...
Nov 15, 1999 10:51 pm
844
... I didn't get much feedback on this... For now, I'm considering using (tag (ssh-host se.liu.lysator.sanna)) in certificates or acls expressing trust in a...
Niels Möller
nisse@...
Nov 16, 1999 10:30 pm
845
... Thanks for these comments. I understand now that what I'm really looking for is a unified scalable distributed database design that can support the entire...
Wei Dai
weidai@...
Nov 17, 1999 2:04 am
846
For the time being, I'm assuming that display types might not be abolished. My code requires that things like type-names, bignums and hashes have empty display...
Niels Möller
nisse@...
Nov 22, 1999 12:27 am
847
Wei, Thanks for the clear description of the different approaches to solve the Access Control problem. I would like to suggest a different approach that...
yosimass@...
Nov 23, 1999 11:46 am
848
IPSec 2000 Global Summit: the international rendez-vous. A CFP is online at: http://www.upperside.fr/baipsecy2k.htm...
