At 11:17 PM 03/05/2000 -0500, Phillip Hallam-Baker wrote:
>PGP is in my view popular with people who want to have absolute
>control over their environment - even if that is at the expense
>of security. To use PGP securely, one pretty much has to only
>use keys signed by people you know are meticulous in checking
>credentials. In my case that means I only use keys signed by
>Jeff Schiller. Now I have the advantage of actually knowing Jeff,
>but for the life of me I can't see the scalability in that
>solution. What do I do if I want to speak to someone who hasn't
>yet met Jeff - buy them an air ticket to Cambridge MA so they
>can meet him?
...
>PGP is unfortunately not scalable to commercial usage. It is
>therefore only a partial solution for a restricted community.
>There is absolutely no way that PGP could provide a PKI structure
>to support applications such as Identrus or ANX. Unfortunately
>PGP is only about privacy. PGP does not provide any meaningful
>or useful statement about identity. The integrity capabilities
>of PGP are as a result not useful if one wishes to provide any
>degree of assurance with respect to the enforcement of digitally
>signed contracts.
I don't buy your argument - the important scalability differences between
"only use PGP keys signed by Jeff Schiller" and
"only use X.509 keys signed by Verisign or Thawte" are not that
one uses PGP-format sigs while the other uses X.509 - it's that
- Jeff Schiller's not in the mass-market business, while VeriThawteNSI are,
- Jeff probably only signs for real people,
  while VeriThawte offers different signatures for people they don't know,
  optionally based on the quality of government documentation they've got,
- Netscape trusts Verisign, Thawte, AT&T, and several dozen other CAs,
  so you have to kill off CAs you don't have a reason to trust,
  while PGP only starts out trusting the people whose keys you sign.
If your argument about scalability was about CRLs vs. other ways to
deal with no-longer-trusted individuals, that'd be different.
In a business environment, that's important, because people leave jobs
or change responsibilities all the time, while in an anti-nuke environment,
most people don't get outed as FBI informers very often, or discover that
their PCs have been black-bagged by the FBI, and it's not harder to
revoke somebody's X.509 key on a CRL than to revoke your own key after
the Feds have stolen your PC and any backup media they can find.
Thanks!
Bill
Bill Stewart, [EMAIL PROTECTED]
PGP Fingerprint D454 E202 CBC8 40BF 3C85 B884 0ABE 4639