[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: the problem that destroyed PGP

To: "W. Kinney" <[email protected]>
Subject: Re: the problem that destroyed PGP
From: "Perry E. Metzger" <[email protected]>
Date: Sun, 12 Feb 1995 13:02:57 -0500
Cc: [email protected]
In-Reply-To: Your message of "Sun, 12 Feb 1995 10:57:39 MST." <[email protected]>
Reply-To: [email protected]
Sender: [email protected]


"W. Kinney" says:
> This isn't a criticism of PGP's key certification paradigm -- PGP allows
> centralized certification (I see a few keys signed by SLED, for instance),
> and it also allows me the flexibility of having mutual certification within
> the circle of people I mail regularly. But web of trust _in and of itself_
> is not proving to be effective when applied to the problem of providing
> reliable key certification on the scale of the internet as a whole. 

I think the jury is still out on that. Web-of-trust is still really
untested because of the difficulties in widespread deployment of
PGP. As it stands, PGP is still a hacker's toy -- the lack of a
library or an easy to use global key distribution infrastructure mean
that we have yet to see what can be done. I think that mutually
authenticating organizations with small trust pyramids within the
organizations, but without a global key pyramid, may come to prove
very practical.

Perry

Follow-Ups:
- Re: the problem that destroyed PGP
  - From: "W. Kinney" <[email protected]>

References:
- Re: the problem that destroyed PGP
  - From: "W. Kinney" <[email protected]>

Prev by Date: Re: the problem that destroyed PGP
Next by Date: Re: the problem that destroyed PGP
Prev by thread: Re: the problem that destroyed PGP
Next by thread: Re: the problem that destroyed PGP
Index(es):
- Date
- Thread