- From: Joseph Hui <Joseph.Hui@exodus.net>
- Date: Tue, 7 May 2002 16:17:42 -0700
- To: "Mark Baker" <distobj@acm.org>
- Cc: <www-ws-arch@w3.org>
> From: Mark Baker [mailto:distobj@acm.org] > Sent: Tuesday, May 07, 2002 3:07 PM > To: Joseph Hui > Cc: www-ws-arch@w3.org > Subject: Re: D-AR006.7 discussion points > > > On Tue, May 07, 2002 at 02:29:38PM -0700, Joseph Hui wrote: > > > That is very different than saying that PKI should be > used. The use > > > of public keys does not require PKI. > > > > D-AR006.7 doesn't say or imply PKI should be used. Note the mention > > of KDC there. > > Ok, I meant "KI". 8-) > I don't believe we need to require centralization of key storage. "KI" it is. (It doesn't matter to me. I was nitpicking.) The req doesn't call for centralization of key storage. KDC (like Kerberos) approaches work that way. PKI doesn't -- the public key comes with the certs, e.g. The req calls for Key Management. The issue at hand is whether it should be in scope. > I'd prefer a more Web friendly approach of just giving > each key a URI, and allowing me to GET it (and returning 401 or 403 on > secret keys, for example). How dare you mention a mechanism here. This is not the place. Shhhhhhhhhhhh ... ;-). Cheers, Joe Hui Exodus, a Cable & Wireless service
Received on Tuesday, 7 May 2002 19:17:40 UTC