Advocacy:
One of the core assumptions of the x.509 world is ONE SIGNATURE, and
ONE AUTHORITY.
Thing is: There is no one authority :-). God doesn't issue SSL
certificates. Apart from him, I trust only me and my friends.
Different school of thought.
Yes, definitely.
It's the reason why S/MIME never took off for private mail - it just
doesn't fit. It's a 1:1 relationship, with no place for a CA (apart from
first sight maybe).
This proposal has the potential to let these two camps make peace. To
let SSL be useful in the other scenario, too, where I need a strong,
direct, continuous trust relationship with another party online.
Please don't fend it off because the proposal is somewhat different from
the old model. It has to be. It's a relatively small change in
comparison to using an entirely different system for those other needs.
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
