-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Tue, 27 Jun 2000, Roeland Meyer (E-mail) wrote:
I get a real good chuckle out of this thread.<g> 1) Randy hisself is a promenent member of the IETF. 2) Having co-chaired a WG, I suspect that randy may even know how it's done. 3) I'd bet a small amount of change that Randy has already started the wheels in motion, even before he sent the first message. 4) I suspect that this thread exists to measure the level of interest among the major players.
Well, if this is truly the case, that is wonderful. I'd like to hear Randy's thoughts on a Keyserver WG, however.
Now for something on-topic; Yes, Internet PKI, in it's present state, sucks. Yes, there is a need, but the architecture definitely needs a look-see. Personally, I think it grossly inadequate and there ain't no way that it can be made as reliable as DNS, in it's present form. It's basically a poor-man's TLS with about half the fore-thought. Personally, I've been working with X.509 certs as an improvement over basic PGP, but again, the PKI sucks there as well.
Could you elaborate on these statements?
But, as a previous poster already brought to surface, the users must have an interest in this service or NONE of the ISPs will be interested in deployment. The reason that existing PKI sucks is mainly a lack of serious user interest. There are NO production-level PKI servers out there today. None of them will commit to an SLA and there are too few customers that will pay the required bucks to support a decent SLA, for a PKI infrastructure. Build it and they will NOT come, yet.
Well, my opinion may be clouded, since i am on the Keyserver team at NAI... but our PGP Keyserver is used by numerous companies in production-level situations to manage large PGP-based PKIs. The problem as I see it is not the software quality (Highware and Marc Horowitz's folks have also done an excellent job on their servers) but in the hardware and network resources allocated to the public keyserver network. __ L. Sassaman System Administrator | "Everything looks bad Technology Consultant | if you remember it." icq.. 10735603 | pgp.. finger://ns.quickie.net/rabbi | --Homer Simpson -----BEGIN PGP SIGNATURE----- Comment: OpenPGP Encrypted Email Preferred. iD8DBQE5WRP/PYrxsgmsCmoRArvvAKCjpTZLV3IuG5g81Q0gK2/9g6JtAwCeNwZv 2NXG40U0lRj8HpFbeNBk/U4= =imkR -----END PGP SIGNATURE-----