[628] in WWW Security List Archive


Re: Netscape Changes RSA tree

daemon@ATHENA.MIT.EDU (marcvh@spry.com)
Tue Apr 25 15:25:08 1995

From: marcvh@spry.com
To: Drexel Atkinson <datkins@unm.edu>
cc: Jason Dawes <dawes@dstc.qut.edu.au>, www-security@ns2.rutgers.edu
In-reply-to: Your message of "Mon, 24 Apr 1995 16:29:24 MDT."
             <Pine.A32.3.91.950424161502.17919D-100000@spam.unm.edu> 
Date: Tue, 25 Apr 1995 08:48:52 -0700
Errors-To: owner-www-security@ns2.rutgers.edu

> > The PGP model makes it very difficult to verify the certifiers of someone's
> > signature in a reliable way. With no hierarchy implicit, there is no easy
> > way of finding a common point of trust (In a hierarchical model, possibly:
> > a Notary Public) without some sort of exhaustive search.
> > 
> > Yes, that may be their public key, but can you prove it?

to a judge?  And, if it turns out not to be their public key, who can
you sue for negligence or fraud?

> The last USENIX had an MIT presentation on a client/server model called 
> the PGP signer.  Good article in the notes (but apparently not on line 
> yet).  
> 
> They built a server which happens to be a kerberos principal (or kerberos
> authentication service) and then distributed the signer client which appears
> to pgp as another user with a public key.  After being invoked, the client 
> sends the user's public key and name as a kerberos transaction to the signer 
> server.  The server verifies the public key/kerberos name, and if "congruent" 
> it signs the pgp public key and name using its private key and returns it to 
> the client.  This takes care of the problem of authenticating a digital
> signature which pgp may present.

Really?  So how does it work in locations that don't already have a kerberos
infrastructure?  In what way is it non-hierarchical?  If you want to use
kerberos for WWW security, why not just use it to negotiate a key as SHTTP 
supports; why bother with PGP at all?
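The signer exchange quoted above, written out as an added example (this is not code from the thread, from Netscape, or from the MIT PGP signer project). It assumes two stand-ins: an HMAC over the principal name under a key shared between the KDC and the signer service plays the part of a Kerberos ticket, and Ed25519 plays the part of the PGP/RSA keys. The names alice and mallory, the functions IssueTicket, NewSigner, Certify and VerifyCert, and the shared secret are all constructed for the example. The point it shows is the "congruent" check: the signer certifies a user ID only when that ID equals the principal the authentication layer vouched for, so a user with a valid ticket cannot get someone else's name certified on a key they control.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Ticket is a constructed stand-in for a Kerberos service ticket: a MAC under
// a key shared between the KDC and the signer service vouches that the
// request comes from Principal. Real Kerberos uses a ticket/authenticator
// exchange; this is an assumption made for the example only.
type Ticket struct {
	Principal string
	MAC       []byte
}

// IssueTicket plays the KDC: it binds a principal name to the shared key.
func IssueTicket(kdcKey []byte, principal string) Ticket {
	m := hmac.New(sha256.New, kdcKey)
	m.Write([]byte(principal))
	return Ticket{Principal: principal, MAC: m.Sum(nil)}
}

// Request is what the signer client sends: the Kerberos identity plus the
// PGP user ID and public key it wants certified (Ed25519 stands in for RSA).
type Request struct {
	Ticket Ticket
	Name   string
	PubKey ed25519.PublicKey
}

// Signer is the PGP-signer service: a Kerberos principal with its own key pair.
type Signer struct {
	kdcKey []byte
	priv   ed25519.PrivateKey
	Pub    ed25519.PublicKey
}

func NewSigner(kdcKey []byte) (*Signer, error) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	return &Signer{kdcKey: kdcKey, priv: priv, Pub: pub}, nil
}

// certMessage is the byte string the signer certifies: user ID and key
// together, so a signature cannot be moved to another name or another key.
func certMessage(name string, pub ed25519.PublicKey) []byte {
	var b bytes.Buffer
	b.WriteString(name)
	b.WriteByte(0) // separator: the user ID may not contain NUL
	b.Write(pub)
	return b.Bytes()
}

var (
	ErrBadTicket = errors.New("ticket MAC does not verify")
	ErrMismatch  = errors.New("kerberos principal does not match requested PGP name")
)

// Certify is the server-side check the post describes: verify the Kerberos
// identity, require it to be congruent with the PGP name, then sign.
func (s *Signer) Certify(r Request) ([]byte, error) {
	expect := IssueTicket(s.kdcKey, r.Ticket.Principal).MAC
	if !hmac.Equal(expect, r.Ticket.MAC) {
		return nil, ErrBadTicket
	}
	if r.Ticket.Principal != r.Name {
		return nil, ErrMismatch
	}
	if len(r.PubKey) != ed25519.PublicKeySize {
		return nil, errors.New("malformed public key")
	}
	return ed25519.Sign(s.priv, certMessage(r.Name, r.PubKey)), nil
}

// VerifyCert is what a relying party does with the returned certification.
func VerifyCert(signerPub ed25519.PublicKey, name string, pub ed25519.PublicKey, sig []byte) bool {
	return ed25519.Verify(signerPub, certMessage(name, pub), sig)
}

func main() {
	kdcKey := []byte("constructed-kdc-shared-secret") // constructed sample secret
	signer, _ := NewSigner(kdcKey)
	alicePub, _, _ := ed25519.GenerateKey(rand.Reader)

	// Honest case: ticket for alice, user ID alice, alice's key.
	sig, err := signer.Certify(Request{Ticket: IssueTicket(kdcKey, "alice"), Name: "alice", PubKey: alicePub})
	fmt.Println("alice certified:", err == nil && VerifyCert(signer.Pub, "alice", alicePub, sig))

	// Mallory holds a valid ticket for herself but asks for alice's user ID
	// on a key she controls: refused by the congruence check.
	malloryPub, _, _ := ed25519.GenerateKey(rand.Reader)
	_, err = signer.Certify(Request{Ticket: IssueTicket(kdcKey, "mallory"), Name: "alice", PubKey: malloryPub})
	fmt.Println("mallory refused:", errors.Is(err, ErrMismatch))

	// A ticket forged without the KDC key is refused as well.
	_, err = signer.Certify(Request{Ticket: Ticket{Principal: "alice", MAC: []byte("bogus")}, Name: "alice", PubKey: malloryPub})
	fmt.Println("forged ticket refused:", errors.Is(err, ErrBadTicket))
}
```

What the certification attests is narrow: the principal the authentication layer named presented this key. It says nothing about who that principal is outside the realm, which is exactly the gap the reply's questions about non-Kerberos sites and about who is liable point at.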

