Re: Question about time to generate certs

On Sun, Sep 6, 2015 at 10:27 AM, Adam Roach <adam@nostrum.com> wrote:

> On 9/6/15 11:52 AM, Harald Alvestrand wrote:
>
>> What would you recommend as the best explanation of what the "identity"
>> asserted by an ephemeral cert "means"?
>>
>
> For the "stable identity" situation Martin mentions, it's functionally
> equivalent to the certs used by SSH.


Unfortunately, it's somewhat worse than that, for the reasons I just wrote
up.
The Web environment is just much more challenging than the installed app
environment.

-Ekr

>
>

Received on Sunday, 6 September 2015 19:39:30 UTC