|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: adding gpg to src/gnu/dist
From: Love (lha
stacken.kth.se)
Date: Fri May 14 2004 - 06:46:28 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Daniel Carosone <dangeek.com.au> writes:
> For the case of key management, it's the biggest downfall of the x.509
> cert format, compared to pgp. GPG allows that inherently, which is a
> good thing, and something we wouldn't want to "lose" otherwise -
> though it does complexify the key trust decisions.
I think you get this wrong, how can you from a pgp certificate figure out
if the signer is approved by NetBSD to be distribution binaries when its in
your web of trust from your "trust anchor" ? By name, by keyid, one hop, N
hops ?
The strict hirarky and intended keyusage is something that is very
important for this problem.
Love
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
iQEVAwUAQKSxlnW+NPVfDpmCAQIujQgAiL/wrEtjLDUAOL5ToJCQoNbLBB2GTWIs
qr5RisuDGJj98+AcuA6CMSPAtizmJVLksktTWx1gP+ysaCUlqIH2A/lVQtMhUcBV
6nXORJGABRhIBbEbaATVsSpNd12NDAKOzEklr0m3trwImRCEn64RKPJEzuXST3Gz
US0wadSa6ovymeuizLwqOqQ4UJSGYTk9bx29xpOScf9OqL2R8xu74gR9zcvJWN05
5lwAT7PHOF/JFRGkLbPuYYMfUn8jHEAEUJBgKrQaKNQHp15fXQPpFUooDP60sjme
7B3SVhrKPCyiJLV/4nQOo++nDWgaCswcwW1jmEjZnIpXISUGlKxn/g==
=jPzs
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]