[2841] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

RE: SSL and certificates

daemon@ATHENA.MIT.EDU (Jon Tegethoff)
Thu Aug 29 11:43:57 1996

From: Jon Tegethoff <jet@cypher-sage.com>
To: "'Michael Brennen'" <mbrennen@fni.com>,
        "'Www-Security@ns2.rutgers.edu'"
	 <Www-Security@ns2.rutgers.edu>
Date: Thu, 29 Aug 1996 08:58:52 -0500
Errors-To: owner-www-security@ns2.rutgers.edu

On Wed, 28 Aug 1996, Michael Brennen wrote:

>For a commercial application you will need to use ViaCrypt PGP.  There are
>versions for Windows, Mac and many different flavors of Unix.  They don't
>give out source; all distributions are binary. 
>
>http://www.viacrypt.com/
>
>One major reason for using PGP is the simplicity of key management.  In
>DES or IDEA you need a secure channel to exchange keys.  With PGP, key
>management becomes much simpler. 

I believe that this is the major reason for not using PGP for this type 
of application.  The trust model is not solid enough.  Trusted CAs are required!

Jon


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2841] in WWW Security List Archive

RE: SSL and certificates

daemon@ATHENA.MIT.EDU (Jon Tegethoff)Thu Aug 29 11:43:57 1996

daemon@ATHENA.MIT.EDU (Jon Tegethoff)
Thu Aug 29 11:43:57 1996