[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: PGP, Inc.
At 7:46 5/7/96, Raph Levien wrote:
[...]
> The S/MIME spec indicates the use of X.509v3 certificates, which, in
>turn, are explicitly allowed to contain trust roots originating in the
>client's local configuration. In other words, yes, the spec allows for a
>Web of trust.
> The big question, of course, is how easy the key management will be
>in such a case. Everything I've seen points to key management being
>super-easy if you use VeriSign certs, and probably just as bad as PGP
>otherwise. Unlike PGP, most e-mail clients will probably not come
>configured with the capablity to sign other keys - in the X.500 world,
>e-mail clients and "certification authorities" are two separate
>applications.
Since VeriSign is going to issue certs for nyms for free, the only
requirement being uniqueness, using their certs might not prove much of a
problem.
Disclaimer: My opinions are my own, not those of my employer.
-- Lucky Green <mailto:[email protected]>
PGP encrypted mail preferred.