[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Verisign & NAI Join Forces, PGP out the door? (fwd)



The primary difference between X.509v3 vs. PGP keys is one of format, not
of function. There is nothing you can do in native PGP key format that you
can't do in X.509.

However, many companies mandate keys to be kept in X.509 format
for compatibility reasons (you can then put the key on a smartcard, etc.).
What this move will mean is that PGP will make further inroads into the
corporate world and that strong crypto will be used more widely.

Standardization is a Good Thing.

--Lucky

On Tue, 23 Jun 1998, Max Inux wrote:

> This is what I was able to find out about the Verisign/NAI partnership.
> 
> -- Max Inux ([email protected]) UIN: 207447, http://khercs.chipware.net 
> Strong Cryptography makes the world a safer place- PGP: 0x5CCFCA59
> Or Kinky sex makes the world go round- Christie: Your in my sig too
> ^^ If Cryptography is outlawed,  only outlaws will have cryptography ^^
> 
>  
> 
> ---------- Forwarded message ----------
> Date: Tue, 23 Jun 1998 10:22:26 -0700
> From: Jon Callas <[email protected]>
> To: Max Inux <[email protected]>, [email protected]
> Cc: [email protected], [email protected]
> Subject: Re: Verisign & NAI Join Forces, PGP out the door? (fwd)
> 
> At 08:10 PM 6/22/98 -0700, Max Inux wrote:
>    Chip and Jon:
>    
>    Chip:  Have any insight into this or is this gonna be like the TIS scare
>    w/ Key Escrow?
>    
>    Jon:  Since Chip will probably end up asking you or some of the other
>    higher ups if he is unsure, Is there any truth to this story, or is this
>    TIS #2?
>    
> The tale is true -- it's the *interpretation* that's bogus. PGP is not out
> the door. PGP will be doing X.509 too. There's not a lot of difference
> between an X.509 certificate and a PGP key signature. They do the same
> thing. What you'll be able to do is have Verisign sign your key. The first
> steps of this are coming this fall -- you'll be able to drop an X.509 cert
> into your keyring and it will magically transform itself into a PGP key. At
> first, you'll only be able to use it with TLS (a.k.a. SSL), which is also
> coming this fall. 
> 
> 	Jon
> 
> 
> 
> -----
> Jon Callas                                  [email protected]
> CTO, Total Network Security                 3965 Freedom Circle
> Network Associates, Inc.                    Santa Clara, CA 95054
> (408) 346-5860                              
> Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
>               665B 797F 37D1 C240 53AC 6D87 3A60 4628           (RSA)
> 
> 


-- Lucky Green <[email protected]> PGP v5 encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"