[cryptography] Client TLS Certificates - why not?

Jeffrey Walton noloader at gmail.com
Tue Mar 5 14:44:35 EST 2013


On Tue, Mar 5, 2013 at 2:38 PM, James A. Donald <jamesd at echeque.com> wrote:
> On 2013-03-06 1:18 AM, Jeffrey Walton wrote:
>>
>> That's Patient 0. Its the key distribution problem. Its the cause of
>> all the troubles.
>>
>> Web of Trust, Hierarchy of Trust, DNSSEC/DANE, Sovereign Keys,
>> Convergence, {Certificate|Public Key} Pinning, Key Continuity, etc are
>> all band-aides for the first patient.
>
> Wrong phrase.  You seldom want to distribute keys.  You want to distribute
> information about public keys.
Perhaps I should call it the info-distribution problem?

In the case of information distribution, it seems to me the problem
was just moved around (to paraphrase Ian, Dr. Gutmann, et al).

Jeff



More information about the cryptography mailing list