-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 All, On 2004-02-25, at 10.01, Randy Bush wrote:
X.509 is not the way to go. It's just a (needless) duplication of effort. And wading forever in the mess of "do we use this protocol/format or that" and so on.
I would have to concur with this objection. PGP/GPG works, it is well suited to workflow, requires few special tools (bar pgp software) on the client side, and is an established method.
Forcing certificate handling onto the LIR community is NOT good service, it is IMNSHO overcomplication. PKIen have their uses, but this is not one.
I say NO to X.509.
i would ammend slightly. the rirs provide us service. some of us find pgp easier to deploy and use. some will provide x.509 easier. so the rirs accepting *both* would be good.
randy, a pgp kinda guy who also uses x.509 occasionally
I am kind of puzzled here. The X.509 scheme was proposed there way before two RIPE meetings ago, when the NCC Services WG was new. I was also then voicing criticism, as was a few others. Not much discussion was raised though. Shawn then made a good presentation at the NCC Services WG meeting two RIPE meetings ago. We also had Dirk-Wilhelm van Gulik come in and explain X.509 and certificates in general. After the presentation, from what I remember most people thought this was a good idea, and a good add-on. So the NCC proceeded. So, I am bit surprised that people are start having views -now-. But I must agree with Randy, I have a hard time seeing what the problem is catering for multiple needs. - - kurtis - -----BEGIN PGP SIGNATURE----- Version: PGP 8.0.3 iQA/AwUBQDx0CqarNKXTPFCVEQJP9wCg/Fry0R1u6CcjJKVhBJd7hZUCb60AoMOj 2FyShsugqEROrYTrg8ZFsBSN =jzi+ -----END PGP SIGNATURE-----