[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Cypherpunk Certification Authority



-----BEGIN PGP SIGNED MESSAGE-----

>>>>> "Perry" == Perry E Metzger <[email protected]> writes:

    Perry> become a C.A. and to run one, and it turns out not to be
    Perry> particularly onerous, I or one of my corporate alter egos
    Perry> might be willing. I must say, though, that being an
    Perry> anti-fan of X.509 the situation would be ironic...

;).

Ten easy  steps to become a C.A.:

1. get a copy of SSLeay (try ftp://ftp.cert.dfn.de/pub/tools/net/ssleay)

2. install it

3. generate a key using 'genrsa -idea -rand
/dev/random:/var/adm/messages:/etc/utmp:/proc/net/dev -out
cypherpunks.key 1024'. Substitute a higher number than 1024 depending
on your paranoia. Choose an inconvenient pass phrase.

4. Use your favourite secret splitting method and send key and pass
phrase to respected members of the cypherpunks community.

5. Generate your X.509 certificate using makecert.

6. Sign other people's certificate using x509.

7.-10. Get yourself a decent beer and Applied Crytography 2nd Ed.

Sorry, I'd love to give you details for 5 and 6, but I'm out of
time. I'll deliver them tomorrow.

Andreas

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface

iQCVAgUBMLdlB0yjTSyISdw9AQEs5QP/T5K8qdD0lX9NrqsYxcudpUSPBoAOuzUb
oy2IllKpliviJaGZCb5o6ga1jgoCObyhe6HNaaQINOHhWyP09Gzs+jdNxMsqcK1z
Vxt9NOH+cHyBC67rPU77vDwB27dXNIob+u1KwKldWkSB3Id+qLR+Pz5yXylYAMhI
ccuVcA0BpOU=
=iGp+
-----END PGP SIGNATURE-----