[29649] in North American Network Operators' Group
Re: PGP kerserver infrastructure
daemon@ATHENA.MIT.EDU (Bennett Todd)
Sat Jul 1 14:52:59 2000
Date: Sat, 1 Jul 2000 14:50:52 -0400
From: Bennett Todd <bet@rahul.net>
To: "Roeland M.J. Meyer" <rmeyer@mhsc.com>
Cc: nanog@merit.edu, pgp-keyserver-folk@flame.org
Message-ID: <20000701145052.G2607@oven.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-md5;
protocol="application/pgp-signature"; boundary="4ndw/alBWmZEhfcZ"
Content-Disposition: inline
In-Reply-To: <000b01bfe372$3347e5b0$eaaf6cc7@PEREGRIN>; from rmeyer@mhsc.com on Sat, Jul 01, 2000 at 08:37:00AM -0700
Errors-To: owner-nanog-outgoing@merit.edu
--4ndw/alBWmZEhfcZ
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
2000-07-01-11:37:00 Roeland M.J. Meyer:
> PEM is being used on every ecommerce site site now, to implement
> SSL.
Huh? X.509 certs and SSL are used, but certainly not PEM or S/MIME.
I've never, as far as I know of, seen a working PEM implementation,
or piece of PEM traffic. It's so lost in the noise I really thought
it was completely dead until this thread popped up.
PGP is used all over the place.
TLS (nee SSL) has its uses, that's sure, and once the RSA patent
expires I expect to be using it a lot more, but TLS has nothing to
do with PEM, nothing even in common other than a cert format, and
reformatting certs is no biggie.
The real difference between the two is that S/MIME is based on the
model of creating and subsidizing an artificial monopoly for the
CAs, while PGP is not. Unless you're a CA, it's an easy choice:-).
-Bennett
--4ndw/alBWmZEhfcZ
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.0 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iD8DBQE5Xj2ML6KAps40sTYRAsVyAJ9tYD26IBABZOUioC9ZZLlozgjsRwCePXtO
VbcmTjFMuYqWr1+utOtgaSg=
=FPiE
-----END PGP SIGNATURE-----
--4ndw/alBWmZEhfcZ--
