[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Archive database (projectb) queries for the public

On 13397 March 1977, Ian Jackson wrote:

Part I is all nice and stuff, just needs an implementation.

> We should use a dedicated CA to sign the server's TLS key.

Now this - why? What speaks against using any CA, be it the SPI one (or
one of its subs, like the Debian CA?) as DSA use it elsewhere - or even
one of the mafia sh*t around?

> Using a dedicated CA avoids relying on the public X.509 infrastructure
> which is both inconvenient and insecure.

That rules out the mafia, but not the Debian (Sub) CA.
Thats about the major "WTF?" I have with this, all the rest sounds good.

-- 
bye, Joerg
[ New Maintainer Prozess ]
<panthera> ein jahr ist ein bisschen zu optimistisch,
<_rene_> panthera: kommt auf den NM/AM an.
        /* _rene_ ist pantheras AM und lässt sich mit pantheras 
           package check schon ein wenig Zeit ;) */
Reply to: