OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.

 


Help: OASIS Mailing Lists Help | MarkMail Help

dss message

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]

Subject: Re: [dss] Use-cases and requirements - observations

At 01:06 PM 7/8/2003 -0400, Rich Salz wrote:

> > leave the driving to us.
>
>For example, make an SSL connection to the server.  If the DN in the
>hostname matches the server you're talking to, just trust everything it
>says.
>
>I believe that's the most feasible server-authentication model.  No
>surprise, it's the standard SSL authentication model.

probably OT, but things like SRP give a pretty good server-authentication 
model too.  Particularly if one rationale for DSS is avoiding PKI 
complexities.  And modulo patent issues, of course, which are still a 
little murky:
http://www.ietf.org/internet-drafts/draft-ietf-tls-srp-05.txt

Trevor

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]