Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: RE: PGPNet Upgrade path ?

RE: PGPNet Upgrade path ?

From: Aditya Deshmukh <aditya.deshmukh_at_online.gateway.strangled.net>
Date: Sun, 18 Sep 2005 08:03:37 +0530

gem_at_rellim.com Wrote :

> IPSEC has nothing to do with PGP. Also there is really no such thing
> as a PGP key. PGP uses what ever key scheme you ask it to use. IPSEC
> is the same way. Both use keys, but are not themselves key standards.
>
> OpenVPN similarly can use what ever key scheme you wish. Since it is
> based on the OpenSSL crupto libs it is very flexible that way. For
> simple setups you can use pre-shared keys. For more complex setups
> you can use public/private key pairs of any type that OpenSSL
> understands.

This is the main problem - how do I get PGP key server keys in a format
Openssl understand ? And I have implemented CA and ipsec vpn using
freeSWAN.org + x.509 patch it works pretty nicely, but here in this
case the public/private KEYs are in a different format...

> IMHO, if OpenVPN does not do what you want then you misunderstand the
> problem.

The problem is very clear : how do I tranlate PGP keys to a format
X.509 / openssl can understand ? I havent a solution to this one yet.

m_at_rtij.nl Wrote :

> >I know for ipsec VPNs I could use the winxp's builtin
> >But that would require moving all the PGP keys to
> >X.509 certs.
>
> Yes, absolutely. For OpenVPN you need to use X509 certs, you
> will have to rework your whole PKI. However:

I have already used openvpn and (free|open|whatever)swan, have
created openssl CA with batch files that run both on windows and
linux/freebsd/solaris at other sites....

All these programs are great in own right but I cannot connect the
Dots.

>
> So if you consider dropping PGP all together, have a look at OpenVPN.

This is the last option. If nothing is found then it is going to be openvpn

But meanwhile

I need a VPN that uses PGP keys for auth that are stored in PGP Key
Server, does not matter If it free or paid but if anyone know that
There is such a program please let me know....

Thank you in advance for the time taken to dig out the answers :)

________________________________________________________________________
Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

  • application/x-pkcs7-signature attachment: smime_p7s
Received on Sep 17 2005
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]