>Peter: you are going to have to re-summarise your question. And then, if you
>are asking why Mozilla code works in a certain way, mozilla.dev.security or
>mozilla.dev.tech.crypto are almost certainly far better venues.
Sure, no problem. I was just replying to a post by Kathleen on this list, and
it seemed like a policy issue so I figured it was the right forum. I'll CC it
to dev.security as well...
The original post was about the fact the Mozilla runs into lots of problems
with top-down path construction:
that you work bottom-up, not top-down. If that's not obvious just from about
a beer's worth of analysis then it should have been when one of said PKI
theoreticians described trying to implement it at a conference and pointed out
that his implementation ran for three days without terminating, after which he
tried the same thing again.
Did no-one see that this was going to happen? Why would anyone try and do it
this way? Rather baffled minds want to know...