[linux-elitists] RFC 2015 (MIME and PGP) -- RFC status?
Mon Mar 12 17:34:15 PST 2001
begin Mr . Bad quotation:
> It's a Web-of-Trust thing versus a centralized certificate authority,
> but the idea is pretty much the same.
Webs of trust have smaller-scale verification problems, but also
smaller-scale scope of coverage. Certificates have additional problems,
and in many cases only seem to be promising authentication in any
meaningful sense -- upon close examination. (As with what follows,
below, I can do no better than to refer you to Schneier.)
> Is your point that, just because I got your key from your Web page,
> there's no way I can be sure it's you?
Yes, that's part of the problem.
Web-of-trust models tend to have problems with weak links, revocations,
and a whole host of other issues. I can't even begin to remember the
whole sad story, but Schneier lays it out in its full lack of splendour.
> DNSSEC I don't recognize. What's that?
Draft standards for cryptographically signing DNS information, to be
supported in the newly minted, scarily beta-ish BIND v. 9.
Theoretically, if you absolutely trust the DNS, you can use this trust
to bootstrap your trust over other matters.
A veritable game of confidence, one might say.
Cheers, "Open your present...."
Rick Moen "No, you open your present...."
firstname.lastname@example.org Kaczinski Christmas.
-- Unabomber Haiku Contest, CyberLaw mailing list
More information about the linux-elitists