[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Cypherpunk Certification Authority
-----BEGIN PGP SIGNED MESSAGE-----
>>>>> "Perry" == Perry E Metzger <[email protected]> writes:
Perry> become a C.A. and to run one, and it turns out not to be
Perry> particularly onerous, I or one of my corporate alter egos
Perry> might be willing. I must say, though, that being an
Perry> anti-fan of X.509 the situation would be ironic...
Ten easy steps to become a C.A.:
1. get a copy of SSLeay (try ftp://ftp.cert.dfn.de/pub/tools/net/ssleay)
2. install it
3. generate a key using 'genrsa -idea -rand
cypherpunks.key 1024'. Substitute a higher number than 1024 depending
on your paranoia. Choose an inconvenient pass phrase.
4. Use your favourite secret splitting method and send key and pass
phrase to respected members of the cypherpunks community.
5. Generate your X.509 certificate using makecert.
6. Sign other people's certificate using x509.
7.-10. Get yourself a decent beer and Applied Crytography 2nd Ed.
Sorry, I'd love to give you details for 5 and 6, but I'm out of
time. I'll deliver them tomorrow.
-----BEGIN PGP SIGNATURE-----
Comment: Processed by Mailcrypt 3.4, an Emacs/PGP interface
-----END PGP SIGNATURE-----