[prev in list] [next in list] [prev in thread] [next in thread]
List: ietf
Subject: Re: Time to dump X.400 support?
From: Dave Cridland <dave () cridland ! net>
Date: 2013-09-25 9:29:34
Message-ID: CAKHUCzxnK+FJuVg8gSK6Nx3NrDgad2ofo0Ych8AFVDo_-pb6pg () mail ! gmail ! com
[Download RAW message or body]
On Tue, Sep 24, 2013 at 5:25 PM, Phillip Hallam-Baker <hallam@gmail.com>wrote:
> Looking at the extreme breach of trust by US govt re PRISM, I think it is
> time to do something we should have done decades ago but were stopped at US
> Govt request.
>
> Lets kill all support for X.400 mail.
>
>
Actually, as far as I'm aware, the US and UK government uses of X.400 are
being phased out fairly rapidly, so they'd probably support trimming out
most of the support from PKIX too.
> This is still in use, I know. But looking through the PKIX spec the schema
> is ten pages long. I count seven pages of garbage that we could kill if we
> abandoned support for X.400, garbage character sets no longer needed, bogus
> time formats, etc. etc.
>
>
> Certificates do not need to be as complicated as X.509v3 made them. To
> work with certificates issued for the Internet, an application needs to
> support only 20% of the PKIX schema at most.
>
>
I'd be interested to see a more concrete proposal. I would offer my
apps-oriented viewpoint in the work, too.
Dave.
[Attachment #3 (text/html)]
<div dir="ltr">On Tue, Sep 24, 2013 at 5:25 PM, Phillip Hallam-Baker <span \
dir="ltr"><<a href="mailto:hallam@gmail.com" \
target="_blank">hallam@gmail.com</a>></span> wrote:<br><div \
class="gmail_extra"><div class="gmail_quote"> <blockquote class="gmail_quote" \
style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div \
dir="ltr">Looking at the extreme breach of trust by US govt re PRISM, I think it is \
time to do something we should have done decades ago but were stopped at US Govt \
request.<div> <br></div><div>Lets kill all support for X.400 mail. </div>
<div><br></div></div></blockquote><div><br></div><div>Actually, as far as I'm \
aware, the US and UK government uses of X.400 are being phased out fairly rapidly, so \
they'd probably support trimming out most of the support from PKIX too.</div> \
<div> </div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px \
#ccc solid;padding-left:1ex"><div dir="ltr"><div></div><div>This is still in use, I \
know. But looking through the PKIX spec the schema is ten pages long. I count seven \
pages of garbage that we could kill if we abandoned support for X.400, garbage \
character sets no longer needed, bogus time formats, etc. etc.</div>
<div><br></div><div><br></div><div>Certificates do not need to be as complicated as \
X.509v3 made them. To work with certificates issued for the Internet, an application \
needs to support only 20% of the PKIX schema at most.</div> <span \
class="HOEnZb"><font color="#888888"> \
<div><br></div></font></span></div></blockquote><div><br></div><div>I'd be \
interested to see a more concrete proposal. I would offer my apps-oriented viewpoint \
in the work, too.</div><div><br></div><div>Dave.</div></div> </div></div>
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic