Any use PKI?? (Pubkic Key Infrastructure) for anything? What?
mark wolfe
markw at wolfenet.org
Sun Mar 31 02:06:02 PST 2002
That's what keysigning is for, along with the web of trust. You can't
trust his key, unless you verify his public key with him face to face.
Just like you can't verify mine. From what I've gathered, DON PKI is
basically where someone ELSE generates a public/private key for the user
and gives them one or the other on the smartcard/common access card. I
still don't see how it's going to be implemented DON wide without
support in the software for it. Right now it looks as if NAI is killing
pgp, most your windows email clients don't support an encrypt/sign
button. Even if they do, you still need pgp for the backend. This is
one area the Open Source guys have a leg up on the MS guys. It's
pretty ironic that the DON is deploying windows everywhere and then they
want a secure system. :) From everything I've seen from the deckplates,
it's a give them enough rope situation.
Anyway about that keyserver:
http://wwwkeys.us.pgp.net/ again there's that web of trust thing.
Anyway, the DON PKI won't work until you get sailors with a clue, and at
the current wages, you aren't going to get them.
On Sat, 2002-03-30 at 20:31, Christian Seberino wrote:
> Tracy
>
> Thanks for reply.
> If I'm not mistaken GPG/PGP are for signing and/or
> encrypting your email in transit. They do not
> solve the problem (I don't think) of securely
> transporting public keys to whomever wants them.
>
> Sure I *can* get a GPG/PGP email from you but how
> do you know I have *your* public key and no one
> has fooled me with a bogas public key??
>
> Where is the certificate authority??? Who vouches
> for your public key??? I think this is the PKI
> part that I am wondering if small business or
> home offices ever use.
>
> Chris
--
Mark Wolfe http://www.wolfenet.org
gpg fingerprint = 42B6 EFEB 5414 AA18 01B7 64AC EF46 F7E6 82F6 8C71
Feed me on TOASTIES! There's no HALL for PHILOSOPHERS ON FRIDAYS.
- Henry Braun is Oxford Zippy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 232 bytes
Desc: This is a digitally signed message part
Url : http://www.kernel-panic.org/pipermail/kplug-list/attachments/20020331/88382dda/attachment-0001.pgp
More information about the KPLUG-List
mailing list