[comp.protocols.kerberos] kerberos versus CCITT X.509

bede@LINUS.MITRE.ORG (12/20/89)

I'll add my 2 cents' worth on this:  according to a paper published
in the most recent SOSP proceedings ("Operating Systems Review", Vol
23, No 5), X.509 is somewhat buggy -- to the extent that it is
possible to break the security of the scheme *without breaking the
key*.  This means that the encryption scheme -- RSA or otherwise --
isn't going to do X.509 any good.  According to the same paper,
Kerberos doesn't share this weakness (in fact, the authors go as far
as to proclaim the Kerberos scheme bug-free).  I'm quite open to
enlightenment on this, though, so if there is some other source which
successfully rebuts these conclusions, I'd be quite happy to be
corrected.

But for my part, this sort of revelation makes me wonder why anyone
should even consider using X.509, let alone adopt it as a standard.
And the question of actually paying for the privilege seems almost
absurd.


-Bede McCall

 MITRE Corp.          Internet: bede@mitre.org
 MS A114              UUCP: {decvax,philabs}!linus!bede
 Burlington Rd.
 Bedford, MA 01730    (617) 271-2839