- From: Poul-Henning Kamp <phk@phk.freebsd.dk>
- Date: Mon, 07 Dec 2015 12:45:47 +0000
- To: Cory Benfield <cory@lukasa.co.uk>
- cc: Jacob Appelbaum <jacob@appelbaum.net>, Amos Jeffries <squid3@treenet.co.nz>, ietf-http-wg@w3.org
-------- In message <FCF50BFC-3C9F-49EE-BA31-FE345A597446@lukasa.co.uk>, Cory Benfield writes: >However, I think it is a dereliction of duty for this WG to not >address the requirements of a key distribution system in anything we >want to standardise. I agree that if there were *no* key-distribtion available that then it would be pointless to bless that draft. But there *are* key-distributions available, most notably PSK. >Yes, PSK is clearly totally acceptable. The draft should say so. You know, I'd actually prefer the draft isn't bloated with boilerplate text like that. It should concentrate on the task at hand and simply caution: "We remind the reader that Key-distribution is the only really hard cryptographic problem, do not take it lightly." -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Received on Monday, 7 December 2015 12:46:15 UTC