[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Real-time key server




Okay, I was told to not post to the list until I'd:
1. Lurked for a month,
2. Figured out who Detweiler was,
3. Found out about BlackNet and DC Nets,
4. Learned of at least three of David Chaum's innovations.
And at that point "[I] may be ready to post [my] first comments."

Well, dammit, I can't wait that long.  I need help now.  I've only been on 
for 2 weeks, I have no clue who Detweiler is (other than the
welcome message I haven't heard two words about him/her/it), and I know 
enough to sound stupid about the other stuff.  But if you still think I'm 
worthy of listeneing to, then read on.

I work for Northrop Grumman Corp (SBMS division) when I have been tasked to 
create a program for reciept of online forms.  The entire division is 
wanting to go paperless, and I am the sole person doing it.  (Yes, I'm going 
for pity here.)

I am writing my own CGI remailer for insecure forms, but some of them
have to be secure.  I think the best way to go about this is a public-key 
system with both keys stored locally and the public keys stored on a 
networked database (for routing purposes; ie, it has to go through managers 
and admin and will be verified and digitally signed with each hop).  Now, of 
course, acces to the public keys will be through a key server.

This is where I come into my problem.

In my research into keyservers, I find that none of them are realtime. 
 Sure, there are CGI interfaces to them, but that's not what I mean.  I was 
hoping for something along the line of a Finger or SMTP protocol, such that 
a client connects to a host (say, keyserv.northgrum.com) on a certain port 
(say, 5397) and goes through a realtime version of what is accomplished via 
email.

Something like:
[connect]
client>GET osborri
server>200 OK
server>-----Begin . . .

and so forth.

Now.  Yes, I am intelligent enough to implement something like this. 
 (Actually, that's debatable, but it's also besides the point.) What I want 
to know is this: Is there a realtime implementation out there already?

Why?  Because:
1. I do not want to reinvent the wheel.
2. I would like to conform to existing standards.

Now, if the answer is a 'no', then who wants to draft a quickie RFC?

 -oz