[cryptography] [SSL Observatory] After the dust settles -- what happens next? (v. Long)
Joe St Sauver
joe at oregon.uoregon.edu
Mon Sep 12 16:58:01 EDT 2011
Peter Gutmann <pgut001 at cs.auckland.ac.nz> commented:
# I'm being conservative here, in practice I don't recall seeing anyone
# expressing faith in PKI, but I didn't read every one of the vast numbers
# of comments.
Well, I'd suggest that NIST 800-63
provides at least an organizational endorsement of PKI since I don't
see how you'd pragmatically get to LOA 4 (section 8.2.4 on PDF page 47)
*without* using PKI.
Are there other alternatives that people have deployed to get to LOA 4?
More information about the cryptography