[29663] in North American Network Operators' Group
Re: PGP kerserver infrastructure
daemon@ATHENA.MIT.EDU (L. Sassaman)
Mon Jul 3 15:27:43 2000
Date: Mon, 3 Jul 2000 12:25:13 -0700 (PDT)
From: "L. Sassaman" <rabbi@quickie.net>
To: Shawn McMahon <smcmahon@eiv.com>
Cc: nanog@merit.edu
In-Reply-To: <20000701193645.D9141@eiv.com>
Message-ID: <Pine.LNX.4.21.QNWS_2.0007031222380.26568-100000@thetis.deor.org>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Errors-To: owner-nanog-outgoing@merit.edu
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, 1 Jul 2000, Shawn McMahon wrote:
> On Sat, Jul 01, 2000 at 02:43:51PM -0700, L. Sassaman wrote:
> >
> > And to expound upon this a little, CAs have artificially set PGP up as a
> > competitor to their existance. CAs could easily embrace PGP and offer PGP
> > services along with S/MIME and TLS. They choose not to, since PGP makes
> > CAs optional (not obsolute, however).
>
> Thawte, in fact, does. They only support RSA, however.
Thawte does not support PGP in any context other than their Freemail "Web
of Trust" program, and they have implemented PGP support incredibly poorly
(to the point that their signatures mean absolutely nothing and are
completely untrustworthy). Check the UKCrypto archives from Jan/Feb this
year for a conversation I had with Mark Shuttleworth regarding this.
Also, ask yourself... do you really think that Verisign is going to have
Thawte continue with the PGP support, now that it owns them?
__
L. Sassaman
System Administrator |
Technology Consultant | "Common sense is wrong."
icq.. 10735603 |
pgp.. finger://ns.quickie.net/rabbi | --Practical C Programming
-----BEGIN PGP SIGNATURE-----
Comment: OpenPGP Encrypted Email Preferred.
iD8DBQE5YOihPYrxsgmsCmoRAgSgAKCDGFjK1rkWwdy19WyiSg1VjC8vKwCcCjXj
5TmE1b0QRnaTm2hoNuJmkPs=
=E3Rq
-----END PGP SIGNATURE-----
