Relevance of PGP?
Richard Pieri
richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Fri Jun 10 14:06:54 EDT 2011
On Jun 10, 2011, at 1:05 PM, Mark Woodward wrote:
>
> What we need is a mechanism to distribute and verify public keys.
You've just described a certificate authority: a mechanism that distributes and verifies public keys (certificates). What we need is a verification mechanism that is independent of the distribution mechanism. When verification is independent of distribution it is readily apparent when the distribution mechanism has been compromised: verification fails.
We need something like the MIT PGP key server:
http://pgp.mit.edu/
--Rich P.
More information about the Discuss
mailing list