Re: Articulation of PGP point of view?

The PEM model assumes a hierarchical distribution of keys, with some
small number of trusted root servers acting as the source from which
all trust flows, and a key distribution system which follows those
hierarchical lines of trust.  I know who you are because the US Postal
Service has vouched for you, and because I implicitly trust the USPS
(or the Commander in Chief, King, or other soverign entity) to have it
right.

The PGP model assumes a network distribution of keys, with some relatively
large number of well known, public, well-networked people or organizations
forming cores of trust relationships, and a key distribution system that
follows the human network.  I know who you are because I can trace some
convincing chain of associations through a web of relationships.

If you want to make a network analogy, PEM is the ARPANET's central
host tables and PGP is the Usenet's UUCP maps and paths. PEM depends
critically on a universal deployed naming infrastructure, while PGP
can get by with only limited point-to-point knowlege and some careful
among of transitive trust.

I'm much more likely to believe the PGP is suitable for commercial use
than PEM; PGP seems to map rather more neatly into the tangled web
of customer / supplier / competitor / colleague relationships than
the top down PEM model with its "trusted" key distribution facilities.

If I have anything really wrong, I hope that I'll be corrected.

  Edward Vielmetti, vice president for research, Msen Inc. 
emv(_at_)Msen(_dot_)com
Msen Inc., 628 Brooks, Ann Arbor MI  48103 +1 313 998 4562 (fax: 998 4563)

In article 
<9310211527(_dot_)AA19289(_at_)ipsi(_dot_)darmstadt(_dot_)gmd(_dot_)de> you 
wrote:
:  > Date: Thu, 21 Oct 1993 10:54:43 -0500
:  > To: pem-dev(_at_)tis(_dot_)com
:  > From: "Robert W. Shirey" <shirey(_at_)mitre(_dot_)org>
:  > Subject: Articulation of PGP point of view?
:  > 
:  > Is there anyone who has, or is able to, articulate
:  > the PGP point of view for public key management and
:  > compentently contrast it to the PEM point of view?
:  > 

: How much I would like to read the output of this!
: Does such a statement exist? This list is certainly
: a thankful forum of interested readers.

: Ruediger

<Prev in Thread]	Current Thread	[Next in Thread>
Articulation of PGP point of view?, Robert W. Shirey Re: Articulation of PGP point of view?, Ruediger Grimm Re: Articulation of PGP point of view?, Edward Vielmetti <= Re: Articulation of PGP point of view?, Philip Zimmermann Re: Articulation of PGP point of view?, Ruediger Grimm Re: Articulation of PGP point of view?, Brad Huntting Re: Articulation of PGP point of view?, Derek Atkins Re: Articulation of PGP point of view?, Robert W. Shirey Re: Articulation of PGP point of view?, Derek Atkins Re: Re: Articulation of PGP point of view?, jueneman%wotan Re: Re: Articulation of PGP point of view?, jueneman%wotan Re: Re: Articulation of PGP point of view?, Theodore Ts'o Re: Articulation of PGP point of view?, emv

Previous by Date:	Apologies to all, Syl Miniter 803-768-3759
Next by Date:	Boss and Secretary Problem (Redux), Frank Sudia
Previous by Thread:	Re: Articulation of PGP point of view?, Ruediger Grimm
Next by Thread:	Re: Articulation of PGP point of view?, Philip Zimmermann
Indexes:	[Date] [Thread] [Top] [All Lists]