North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: PGP kerserver infrastructure

  • From: Roeland Meyer (E-mail)
  • Date: Tue Jun 27 16:30:51 2000

> L. Sassaman: Tuesday, June 27, 2000 12:43 PM

> There are many issues too detailed to go into here that should
> formally addressed in regards to keyservers. If the keyserver
> infrastructure does ramp up, I think that an RFC will be in
> order. Anyone
> with the IETF here? Who would I talk to about forming such a
WG? Is a
> keyserver standard within the scope of the IETF?

I get a real good chuckle out of this thread.<g>
1) Randy hisself is a promenent member of the IETF.
2) Having co-chaired a WG, I suspect that randy may even know how
it's done.
3) I'd bet a small amount of change that Randy has already
started the wheels in motion, even before he sent the first
4) I suspect that this thread exists to measure the level of
interest among the major players.

Now for something on-topic;
Yes, Internet PKI, in it's present state, sucks. Yes, there is a
need, but the architecture definitely needs a look-see.
Personally, I think it grossly inadequate and there ain't no way
that it can be made as reliable as DNS, in it's present form.
It's basically a poor-man's TLS with about half the fore-thought.
Personally, I've been working with X.509 certs as an improvement
over basic PGP, but again, the PKI sucks there as well.

But, as a previous poster already brought to surface, the users
must have an interest in this service or NONE of the ISPs will be
interested in deployment. The reason that existing PKI sucks is
mainly a lack of serious user interest. There are NO
production-level PKI servers out there today. None of them will
commit to an SLA and there are too few customers that will pay
the required bucks to support a decent SLA, for a PKI
infrastructure. Build it and they will NOT come, yet.

As usual, this is only an opinion

R O E L A N D  M .  J .  M E Y E R
CEO, Morgan Hill Software Company, Inc.
An eCommerce and eBusiness practice
providing products and services for the Internet.
Tel: (925)373-3954
Fax: (925)373-9781