Talk:Key management

From Wikipedia, the free encyclopedia
Jump to: navigation, search
WikiProject Cryptography / Computer science   
WikiProject icon This article is within the scope of WikiProject Cryptography, a collaborative effort to improve the coverage of Cryptography on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.
 ???  This article has not yet received a rating on the quality scale.
 ???  This article has not yet received a rating on the importance scale.
Taskforce icon
This article is supported by WikiProject Computer science.
 

Hmm[edit]

Should this article link to ISAKMP maybe? I dont know!

I added ISAKMP to Category:Key management. I think that should do it. --agr 13:07, 3 May 2006 (UTC)

article needs actual practice coverage[edit]

It would be nice if someone could expand the article to describe something of the actual practice of key management as well as a list of the areas it encompasses. A bit of how, as well as what! Gobbag (talk) 10:43, 28 April 2008 (UTC)

semi-commercial link removed[edit]

This link seems to be more commercial than is acceptable.

So I removed it. Anyone have a different view? ww (talk) 03:00, 19 June 2008 (UTC)

I don't think that removing this was really the right thing to do. The Key Management Summit is an IEEE-sponsored event, not a trade or industry show. 75.18.187.34 (talk) 04:03, 22 August 2008 (UTC)lm

I agree with above, you cannot entirely move away from commercial aspects and applications of the key management. IEEE, just like ANSI or FIPS is a non-profit professional organization. KSinitski (talk) 21:06, 3 September 2008 (UTC)

Cleaning Up Key Management[edit]

We need to clean up Key Management - add best practices, talk more about typical applications, regulation bodies and standards and remove/marginalize access control.KSinitski (talk) 21:05, 3 September 2008 (UTC)

Merge symmetric key management[edit]

Given how underdeveloped this article is, there's no purpose in forking asymmetric and symmetric key management into separate articles. Both will almost certainly require a detailed explanation of the other. These articles could be better managed and kept consistent with a single source as well. Also, any discussion as to storage, generation, etc, will require both. Also, the actual systems that do key management kerberos fit better under the broader term. Shadowjams (talk) 05:31, 4 April 2009 (UTC)

Key management for sysmmetric key crypto is quite distinct from that needed for asymmetric key crypto. In the one case, key secrecy is required in all circumstances, while in asymmetric key crypto only the 'private' is to be kept secret. Managmetn in asymmetric key crypto is also concerned with the 'public' key which poses the additional problem that it must be properly associated with the issuer to avoid some attacks which exploit uncertainty in that respect. Also it include s a requiremnt for key revocation to avoid stale or compromised public keys.
I'd say the distinction is significant enough for two articles, not two squashed into one. This despite the lack of quality in this one. Conceptually and operationally distinct and so should remain articlistically distinct as well. Oppose the proposed merger. ww (talk) 08:43, 4 April 2009 (UTC)
WP:MERGE provides four guidelines for mergers
  1. Duplicate - There are two or more pages on exactly the same subject and having the same scope.
  2. Overlap - There are two or more pages on related subjects that have a large overlap. Wikipedia is not a dictionary; there does not need to be a separate entry for every concept in the universe. For example, "Flammable" and "Non-flammable" can both be explained in an article on Flammability.
  3. Text - If a page is very short and is unlikely to be expanded within a reasonable amount of time, it often makes sense to merge it with a page on a broader topic. For instance, parents or children of a celebrity who are otherwise unremarkable are generally covered in a section of the article on the celebrity, and can be merged there.
  4. Context - If a short article requires the background material or context from a broader article in order for readers to understand it. For instance, minor characters from works of fiction are generally covered in a "List of characters in <work>", and can be merged there; see also WP:FICT.
This proposal is not #1, but it is #2 and #4, and #3 is compelling. As I've already indicated, the storage, and dissemination of keys is highly similar between the two. Both articles will require background that is similar to both--overlap. The most meaningful part of the discussion will be that of the protocols that actually do key management, protocols like Kerberos, etc. And, because almost every moderately complex system will employ both types of protocols, it makes little sense to talk about each separately even though most readers will be looking for information on management as per their system, not the discrete type of algorithm used by their system. The third argument is most relevant here. If the articles were longer they would warrant a split as per the guidelines. However this article is 3k, far from the 60k suggested for a split. This is too small as is, let alone to warrant a split.
A merger doesn't risk losing information--just having it all accessible in one article with a common introduction, common concepts, and an inherently synchronized explanation of the common features. Then, each go into their own sections. I think a reader would find this format much more useful, not to mention editors would be more inclined to improve the article. Shadowjams (talk) 06:02, 5 April 2009 (UTC)
Agree. Key management is the parent topic, it's not really talking about asymmetric keys. Jay (talk) 20:12, 11 May 2009 (UTC)

Comments[edit]

In my opinion, there is nothing to "merge". I suggest the article be deleted and be replace with a redirect to Public-key infrastructure. Skippydo (talk) 20:09, 12 May 2009 (UTC)

Chapter 13 Key Management Techniques of [1] is what comes to mind when I hear the phrase key management. I don't see what managing needs to be done in the symmetric setting. Skippydo (talk) 20:13, 12 May 2009 (UTC)
A delete isn't going to happen (no way the AfD community would delete it when merge is available), but a merge is plausible. I've not pushed the issue since ww's response, but upon reflection I think it bears noting that what makes the article notable is the management of the keys, not what kind of keys are being managed. Obviously differences in types of keys matters, but they overlap to such an extreme degree that it makes no sense to have the two apart.
PKI is different because PKI involves large scale distributed and often unfamiliar parties exchanging key information. If anything PKI would be a subset of Key management, although that debate I think should wait until this merge is completed.
I'll give this a few more days, then I'll undertake steps to complete the merge. Shadowjams (talk) 21:18, 12 May 2009 (UTC)
Perhaps my terminology is incorrect. I wanted to express my opinion that this article contains nothing of value. The content should be replaced with a redirect. It seems a I was also confused by the direction of the merge.
I've only just read the article on Symmetric key management. It does not cite any useful sources but perhaps it is worth keeping. Could we "merge" this article into Symmetric key management and replaced this article with a disambiguation page? Skippydo (talk) 15:15, 13 May 2009 (UTC)
What will it disambiguate? Jay (talk) 13:58, 29 May 2009 (UTC)
I wanted to write a section on keystore, and that is not related to symmetric keys but keys in general. Moving a generic article to a specific article is not going to help in that case. Jay (talk) 13:58, 29 May 2009 (UTC)