[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: distributed keys



On Wed, 15 May 1996, Matt Smith wrote:

> 
> -  Having a certifying node which every other node has the public key to and
>    who has everyone else's public key.  Requests are made of this server.  
>    The trick is making this server secure and forcing the user to devote
>    resources to this endeavour.

This is the usual approach; if you use certificates, the  private 
key for the certification agency doesn't have to be (and shouldn't) be 
accessible online; thus, even if the machine serving the certificates is 
compromised, Mallet won't be able to issue false certificates. 


---
Cause maybe  (maybe)		      | In my mind I'm going to Carolina
you're gonna be the one that saves me | - back in Chapel Hill May 16th.
And after all			      | Email address remains unchanged
You're my firewall -    	      | ........First in Usenet.........