[2850] in WWW Security List Archive
Re: SSL and certificates
daemon@ATHENA.MIT.EDU (Bob Denny)
Thu Aug 29 19:33:24 1996
From: "Bob Denny" <rdenny@dc3.com>
Date: Thu, 29 Aug 1996 14:38:19 -0700
In-Reply-To: Michael Brennen <mbrennen@fni.com>
"RE: SSL and certificates" (Aug 29, 10:26)
To: Michael Brennen <mbrennen@fni.com>, Jon Tegethoff <jet@cypher-sage.com>
Cc: "'Www-Security@ns2.rutgers.edu'" <Www-Security@ns2.rutgers.edu>
Errors-To: owner-www-security@ns2.rutgers.edu
This list is not replyable (list address is in cc:), so I think I posted my
last message directly back to the author. I gotta watch that here...
> > I believe that this is the major reason for not using PGP for this type
> > of application. The trust model is not solid enough. Trusted CAs are
> > required!
The hierarchical trust model is a degenerate case of PGP's more general "web
of trust" model. By agreement, PGP can be run in a hierarchical trust mode
without any changes to the software. Just agree to trust only "CAs" to sign
keys.
> Overall I agree, and the CA infrastructure is being worked out.
> [...]
> As in most secure contexts, it becomes a matter of risk assessment and a
> careful examination of what I base my trust on.
Exactly. And it is your assessment of risk that should guide your selection of
who you trust to sign keys for PGP. For some reason, this is not well
understood, yet it is so simple.
-- Bob
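
The point about hierarchical trust being a special case of the web of trust, as an added example that is not part of the original message: a simplified key-validity model in which the same evaluation code yields CA-style behaviour once only a "CA" key is trusted as an introducer. The key names, the trust levels and the thresholds (`completes_needed`, `marginals_needed`, `max_depth`) are assumptions of this sketch, and the keyring data is constructed.

```python
from dataclasses import dataclass, field

FULL, MARGINAL, NONE = 2, 1, 0  # introducer trust levels used by this sketch

# Constructed sample data: signed key -> keys that certified it.
SIGNATURES = {
    "ca": {"me"}, "alice": {"me"}, "dave": {"me"},
    "server": {"ca"},            # certified by the CA only
    "carol": {"alice", "dave"},  # certified by two ordinary users
}

@dataclass
class Keyring:
    owner_trust: dict            # key -> trust in its owner as an introducer
    signatures: dict = field(default_factory=lambda: SIGNATURES)
    completes_needed: int = 1    # assumption: sketch thresholds, adjustable
    marginals_needed: int = 2
    max_depth: int = 4

    def is_valid(self, key, me="me", depth=0, seen=frozenset()):
        """True if `key` is acceptably certified, starting from our own key."""
        if key == me:
            return True
        if depth >= self.max_depth or key in seen:
            return False
        full = marginal = 0
        for signer in self.signatures.get(key, ()):
            trust = FULL if signer == me else self.owner_trust.get(signer, NONE)
            if trust == NONE:
                continue  # a valid key whose owner is not an introducer adds nothing
            # A signature counts only if the signer's own key is itself valid.
            if not self.is_valid(signer, me, depth + 1, seen | {key}):
                continue
            if trust == FULL:
                full += 1
            else:
                marginal += 1
        return full >= self.completes_needed or marginal >= self.marginals_needed

def web_policy():
    # General web of trust: the CA fully trusted, two users marginally trusted.
    return Keyring({"ca": FULL, "alice": MARGINAL, "dave": MARGINAL})

def ca_only_policy():
    # Hierarchical mode "by agreement": only the CA may introduce keys.
    return Keyring({"ca": FULL})

if __name__ == "__main__":
    for name, ring in (("web", web_policy()), ("ca-only", ca_only_policy())):
        print(name, {k: ring.is_valid(k) for k in ("server", "carol")})
```

Under the CA-only policy `alice` and `dave` still hold valid keys, but their signatures on `carol` no longer count, which is the whole difference between the two modes.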