pem-dev

Re: a case for PEM's key certification (over PGP's)

1992-11-10 11:12:00

For a while now, I've wished there were an e-mail address for Congress (if
not for each individual Congress member).  However, I would expect the
average Congress person to distrust unsigned e-mail -- so I see this as a
good first use for PEM.  PGP with its loose certification is probably too
loose to substitute for a legal signature.

I disagree.  PGP's certification follows reality and paranoia.  It
allows for requiring multiple signatures on a certificate as well as
limiting the number of certificates in a chain, and limiting the
amount of trust applied to a certificate.  After all, just because M.
Noriega (spelling flame off) has a certificate signed by RSADSI, and has
signed off on J. Hoffa's certificate doesn't mean that any signed
message from J. Hoffa should be believed.

Structuring the certificate system so that users have no choice but to
"trust from above" (assuming that's what you're advocating) is autocratic,
inflexible and unacceptable.


Then again I could be wrong...
brad
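
Added example, not part of the original message and not PGP's or PEM's code: a simplified model of the three controls the reply names (several signatures required, a chain-length limit, and per-introducer trust), set beside a pure top-down policy. The function names, parameter names and sample keys are assumptions made for illustration.

```python
# Simplified model of a user-controlled certification policy (not PGP's code).
FULL, MARGINAL, NONE = "full", "marginal", "none"

def valid_keys(me, sigs, trust, completes_needed=1, marginals_needed=2,
               max_depth=3):
    """Return {key: chain_length} for each key the policy accepts as valid.

    sigs:  {signer: set of keys that signer has certified}
    trust: how far `me` trusts each key's owner to certify other keys
    """
    trust = {**trust, me: FULL}
    depth = {me: 0}                        # own key is valid by definition
    signed = set().union(*sigs.values())
    for level in range(1, max_depth + 1):  # enforces the chain-length limit
        newly_valid = {}
        for key in signed - set(depth):
            # Only signatures made by already-valid keys are counted.
            signers = [s for s in depth if key in sigs.get(s, ())]
            full = sum(trust.get(s, NONE) == FULL for s in signers)
            marginal = sum(trust.get(s, NONE) == MARGINAL for s in signers)
            # One full introducer counts 1/completes_needed, one marginal
            # introducer counts 1/marginals_needed; the key needs a total of 1.
            if (full * marginals_needed + marginal * completes_needed
                    >= completes_needed * marginals_needed):
                newly_valid[key] = level
        if not newly_valid:
            break
        depth.update(newly_valid)
    return depth

def top_down(me, sigs):
    """Contrast case: every certified key may certify others, no chain limit."""
    everyone = set(sigs) | set().union(*sigs.values())
    return valid_keys(me, sigs, {k: FULL for k in everyone},
                      max_depth=len(everyone))

# Constructed sample data, using the names from the message above.
SIGS = {
    "me": {"RSADSI", "ann", "bob"},
    "RSADSI": {"Noriega"},
    "Noriega": {"Hoffa"},
    "ann": {"carol", "dave"},
    "bob": {"carol"},
}
TRUST = {"RSADSI": FULL, "Noriega": NONE, "ann": MARGINAL, "bob": MARGINAL}

if __name__ == "__main__":
    print("user policy:", sorted(valid_keys("me", SIGS, TRUST)))
    print("top-down:   ", sorted(top_down("me", SIGS)))
```

Under the user policy Noriega's key is accepted because a fully trusted introducer signed it, but Hoffa's is not, since Noriega is given no trust as an introducer; the top-down policy accepts both.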
