MHonArc v2.5.0b2 -->
emergency message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: Re: [emergency] Message encryption -- was RE: [emergency-comment] RE: [CAP] RE: CAP-list digest...)
On Mar 24, 2004, at 2:45 PM, Kon Wilms wrote:
> In my personal opinion this is clearly outside the scope of the CAP
> message,
> and any vendor worth their salt should be able to easily pick one of
> many
> standards available to encrypt messages (PKI, symkey, SSL, etc.) where
> needed, no matter the transport used. You can do this dependent on the
> transport, or not. Pick your option - pipe or content encryption (or
> both).
> Nothing complex or non-standard for implementation here.
>
> Someone mentioned HTTP in a previous post - this is the same concept.
> How
> many servers do you see using self-signed HTML pages with an embedded
> hash
> or such, vs. using SSL to encrypt vanilla HTML pages. A big fat zero.
I completely agree - not part of CAP. That being said, just as using
SSL to define/profile "how" pages should be sent securely across HTTP,
we do need to address transporting the data to ensure we done a bunch
of servers (aka implementations) doing their own thing. Otherwise
nothing will work. We need to provide at least some level of guidance.
Allen
--
R. Allen Wyke
Chair, OASIS Emergency Management TC
emergency-tc@earthlink.net
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]