Netscape the Big Win
Eric Rescorla
ekr at eit.COM
Fri Jul 21 01:44:23 PDT 1995
Hal Finney writes:
>From: Adam Shostack <adam at bwh.harvard.edu>
>> Actually, it also supports Kerberos (not relevant to most of
>> us), and PGP messaging. Although a KCA would be needed before anything
>> useful came of the PGP support, at least its there.
>
>It appears that support for PGP messaging has been removed from the
>July 1995 SHTTP draft. So it's X.500 all the way.
><URL:http://info.internet.isi.edu/in-drafts/files/draft-ietf-wts-shttp-00.txt>
Well, X.509 for now. The Eastlake-Kaufman DNS Security work
(draft-ietf-dnssec-secext-04.txt) plus MOSS (draft-ietf-pem-mime-08.txt
--now proposed standard, awaiting an RFC number) promise to give us
a non-X.509 certification structure for the Internet. S-HTTP explicitly
looks to this work to free us from X.500.
Note that this only marginally improves the situation, however,
since what you really want is commercial-grade certification,
and you still can't issue RSA certificates, whatever the
format, without licensing from RSADSI. This promises to be
something of an issue in the future.
-Ekr
More information about the cypherpunks-legacy
mailing list