Authenticating TCP connections based on public keys

Christian Stork cstork at ics.uci.edu
Wed Sep 29 16:36:52 CEST 2004


On Wed, Sep 29, 2004 at 12:36:04PM +0200, Janusz A. Urbanowicz wrote:
> On Mon, Sep 27, 2004 at 02:12:55PM -0700, Christian Stork wrote:
> > Hi,
> > 
> > I have a potentially naive question so please forgive me if I missed an
> > obvious answer or if this is not the appropriate list (at least I know
> > it's not an FAQ): 
> > 
> > Assume I'm running a service for certain peers.  My server knows the
> > public keys of each peer.  How can I use GPG (or any of its subprojects)
> > to authenticate an incoming connection based on these public keys?  Is
> > there a standard for this case?
> > 
> > (I'm interested in keeping the administrative overhead as low as
> > possible, which is why extra SSL certificates etc. are out of question.)
> 
> You have to do key distribution in some way anyway (unless you want to use
> already distributed keys) so why not use certs? SSL is the thing you want
> anyway. Or possibly SSH port tunneling. Or IPSec. SSL/TLS is still the main
> answer for the question you asked.

Well, as I said, the GPG keys are already in place and the certs aren't.
Could I use GPG keys as certs?  Or how about a nice challenge-response
protocol based on GPG keys?

Anyway, thanks for your answer, Alex.

-- 
Chris Stork   <>  Support eff.org!  <>   http://www.ics.uci.edu/~cstork/
OpenPGP fingerprint:  B08B 602C C806 C492 D069  021E 41F3 8C8D 50F9 CA2F
