Re: SSL/TLS everywhere fail

On 8 December 2015 at 00:11, Cory Benfield <cory@lukasa.co.uk> wrote:
>> Let’s take draft-thomson-signing and draft-thomson-encryption, and have them both normatively reference a draft that talks about key distribution. We don’t have to detail it in those drafts, but in my view we absolutely have to talk about it somewhere.

I apologize for missing this, I think that it's an important question
to address... (In my defence, the amount of digital ink spilled here
is beyond my current ability to track.)

I don't think that this is a sensible strategy.  There are a few uses
already for both drafts, both of which have very different key
management strategies.  Attempting to button this down in the way you
suggest would necessarily bless or condemn a whole range of
possibilities.

Received on Monday, 7 December 2015 13:20:33 UTC