Comment by ggm

2 days ago

X.400 we're approaching it by stepwise refinement. It had X.500 which lives on as X.509 certificates and LDAP.

ISO/OSI had session layer. ie much of what QUIC does regarding underlying multiple transports.

Speaking of X.509 the s-expressions certificate format was more interesting in many ways.

1 comment

ggm

Reply
thequux  1 day ago

OSI's session layer did very little more than TCP/UDP port numbers; in the OSI model you would open a connection to a machine, then use that connection to open a session to a particular application.

X.400 was a nice idea, but the ideal of having a single global directory predates security. I can understand why it never happened

On X.509, the spec spends two chapters on attribute certificates, which I've never seen used in the wild. It's a shame; identity certificates do a terrible job at authentication