Any use PKI?? (Pubkic Key Infrastructure) for anything? What?
Tracy R Reed
treed at ultraviolet.org
Sat Mar 30 22:38:02 PST 2002
On Sat, Mar 30, 2002 at 08:31:10PM -0800, Christian Seberino wrote:
> Thanks for reply.
> If I'm not mistaken GPG/PGP are for signing and/or
> encrypting your email in transit. They do not
> solve the problem (I don't think) of securely
> transporting public keys to whomever wants them.
Sure they do. They dump my key so I can send it to others and they let
other people sign my key when they can verify via some out of band means
(such as a personal meeting where I display some acceptable form of
identification, not necessarily a drivers license) that the key really
belongs to the person they think it belongs to.
> Sure I *can* get a GPG/PGP email from you but how
> do you know I have *your* public key and no one
> has fooled me with a bogas public key??
Via the method I describe above. The Web Of Trust.
> Where is the certificate authority??? Who vouches
> for your public key??? I think this is the PKI
> part that I am wondering if small business or
> home offices ever use.
I am very much against certificate authorities. It's too important a job
to completely centralize. They have failed in the past and they will fail
again. Verisign has issued certificates for keys claiming to belong to
organisations which they did not. Not only that but they are hideously
expensive for what they do and they have a practical monopoly on the CA
market because the most widely used browsers only support a small handful
of CA's. Only I and others you trust to do so can vouch for my public key.
--
Tracy Reed http://www.ultraviolet.org
Q: Where would Microsoft take you today? A: Confutatis maledictis,
flammis acribus addictis... Micro$oft has a TV ad for their Internet
Exploder which uses "Confutatis Maledictis" from Mozart's Requiem. As the
announcer asks "Where do you want to go today?", the choir sings:
"Confutatis maledictis, flammis acribus addictis" which is Latin for "The
damned and accursed are convicted to the flames of hell."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 240 bytes
Desc: not available
Url : http://www.kernel-panic.org/pipermail/kplug-list/attachments/20020330/61851bcb/attachment-0001.pgp
More information about the KPLUG-List
mailing list