Hal Murray <hmur...@megapathdsl.net>:
>
> Let's step back from SINGLESOCK for a bit and focus on security.
>
> Is the NTS draft-RFC in good enough shape that we can write code now?
>
> I've studied it, but didn't understand things. My criteria for "understand"
> is that I could explain it to somebody else. "Write code" might be another
> test.
>
> One of the key areas that I'm missing is the plans for deployment. Are we
> intending to use the normal certificate distribution mechanism as used by the
> web? That depends on time. Is there a way around that? Do we need our own
> certificate distribution mechanism? Can we copy what DNSSEC does? ...
I don't know the answers to these questions. Daniel should, though.
--
<a href="http://www.catb.org/~esr/";>Eric S. Raymond</a>
My work is funded by the Internet Civil Engineering Institute: https://icei.org
Please visit their site and donate: the civilization you save might be your own.
_______________________________________________
devel mailing list
devel@ntpsec.org
http://lists.ntpsec.org/mailman/listinfo/devel
