Re: pgp signing in van

On 9/6/13 7:45 PM, Scott Kitterman wrote:

They have different problems, but are inherently less reliable than web of 
trust GPG signing.  It doesn't scale well, but when done in a defined context 
for defined purposes it works quite well.  With external CAs you never know 
what you get.


Vast numbers of bits can be and have been spent on the problems
with PKI and on vulnerabilities around CAs (and the trust model).
I am not arguing that PKI is awesome.  What I *am* arguing is that
the semantics of the trust assertions are pretty well-understood
and agreed-upon, which is not the case with pgp.  When someone
signs someone else's pgp key you really don't know why, what the
relationship is, what they thought they were attesting to, etc.

Melinda

<Prev in Thread]	Current Thread	[Next in Thread>
Re: pgp signing in van, (continued) Re: pgp signing in van, Ted Lemon Re: pgp signing in van, Melinda Shore Re: pgp signing in van, Ted Lemon Re: pgp signing in van, Scott Brim Re: pgp signing in van, Ted Lemon Re: pgp signing in van, Melinda Shore Re: pgp signing in van, Ted Lemon Re: pgp signing in van, Melinda Shore Re: pgp signing in van, Ted Lemon Re: pgp signing in van, Scott Kitterman Re: pgp signing in van, Melinda Shore <= Re: pgp signing in van, Scott Kitterman Re: pgp signing in van, John C Klensin Re: pgp signing in van, Andrew Sullivan Re: pgp signing in van, Hector Santos Re: pgp signing in van, Hector Santos Re: pgp signing in van, Michael Richardson Re: pgp signing in van, Ted Lemon Re: pgp signing in van, Peter Saint-Andre Re: pgp signing in van, Hector Santos Re: pgp signing in van, Peter Saint-Andre

Previous by Date:	Re: pgp signing in van, Scott Kitterman
Next by Date:	Re: pgp signing in van, Scott Kitterman
Previous by Thread:	Re: pgp signing in van, Scott Kitterman
Next by Thread:	Re: pgp signing in van, Scott Kitterman
Indexes:	[Date] [Thread] [Top] [All Lists]