Re: [Monotone-devel] Re: key trust

[Conrad Steenberg]

On Wed, 2005-10-12 at 20:18 +0100, Bruce Stephens wrote:
> Richard Levitte - VMS Whacker <address@hidden> writes:
> 
> [...]
> 
> > Yes, self-signed certificates would provide exactly the same
> > capabilities as today's key system does.  This is what OpenCM did
> > (does?), and I questioned that kind of use with that group, and I
> > will here as well.  Basically, it provides nothing more than bloat
> > around the keys.  If you're going to use X.509, do it for real.
> 
> I think OpenCM can probably be considered as dead.  Like Stellation.
> Shame, because both seemed to me to have interesting approaches to
> things.
> 
> By doing X.509 "for real", are you thinking of the full flexibility
> described in the recently published RFC 4158?
> 
> I'm not saying that would be impossible---I believe the freely
> available CML software (part of SMP) will do all that, with knobs on.
> Maybe that's a good argument against doing it: stop complaining
> monotone doesn't use X.509, or we'll *really* do X.509, and then
> you'll be sorry.

Good point ;-)

Any such "enhanced key trust" system should hide the complexity to make
it seem the same as the current implementation as far as possible. Or it
would be dead in the water...

Cheers

Conrad

> 
> [...]
> 
> 
> 
> _______________________________________________
> Monotone-devel mailing list
> address@hidden
> http://lists.nongnu.org/mailman/listinfo/monotone-devel
-- 
Conrad Steenberg <address@hidden>
California Institute of Technology

smime.p7s
Description: S/MIME cryptographic signature