|
Full Disclosure
mailing list archives
Re: PGP vs. certificate from Verisign
From: Shawn McMahon <smcmahon () eiv com>
Date: Sun, 11 May 2003 19:09:01 -0400
On Sat, May 10, 2003 at 02:57:12AM +0200, yossarian said:
What I wonder - will Verisign have set up CRL servers yet? Remember the IE
problem when someone got hold of MS certificates? The MS-fix was
blacklisting them locally, the real problem was that there was no revocation
servers. Then again, how many concurrent connections would they get if MS
sent out a critical update?
So - stick to PGP - forget about PKI.
Pardon me if a clue whizzed by while I was working, but I read this as
"PKI doesn't have any way to guarantee ad-hoc revocation of a
certificate, so stick to PGP, which also doesn't have any way to
guarantee ad-hoc revocation of a certificate".
--
Shawn McMahon | Let every nation know, whether it wishes us well or ill,
EIV Consulting | that we shall pay any price, bear any burden, meet any
UNIX and Linux | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK
Attachment:
_bin
Description:
 By Date 
By Thread
Current thread:
Re: PGP vs. certificate from Verisign Steve Poirot (May 10)
RE: PGP vs. certificate from Verisign Daniel Tams (May 10)
|
Intro
