>>>>> "Scott" == Scott Cantor <[log in to unmask]> writes:
Scott> Maybe I don't understand what you mean by "single
Scott> request". Are you suggesting some kind of real-time
Scott> submission + hash taking place? That would be a little tricky
Scott> unless, again, you didn't actually care what it was
Scott> hashing/signing.
>>
>> Yes. That's roughly what Josh and I proposed. Trusted party
>> policy for what to accept will be a bit tricky as with any
>> non-trivial policy for things like CA signing and the like. I
>> don't think it is any more tricky than any fully automated
>> policy.
Scott> Ok, I understand your proposal now. That is in principle much
Scott> like "not hashing the whole document" except that you carve
Scott> out the exceptions semantically in the act of hashing the
Scott> whole thing rather than actually doing that cryptographically
Scott> in the hashing step.
Right. Obviously, it is incrementally deployable. You can start with
the TA only approving documents that its humans have approved and become
more liberal as customer demand requires without actually changing the
protocol.
To the extent that local control is a motivation for the proposal it is
to reduce opex by getting the federation operator out of the business of
approving or managing most metadata changes. Clearly to see most of
that opex reduction, you'd need to get as far in deploying this as is
required so that you're not actually approving most metadata changes.
|