HKP keyservers over SSL

Phil Pennock gnupg-devel at spodhuis.org
Thu Apr 2 01:56:38 CEST 2009


On 2009-04-01 at 18:42 -0400, Daniel Kahn Gillmor wrote:
> Sorry, i have serious concerns over the X.509 specification and the way
> that it's generally deployed [0].  But the setup you describe (with the
> keyserver pool operator acting as the CA directly) is not an
> unreasonable use of X.509.  I shouldn't have let my general X.509
> grumpiness cloud my reasoning ;)

I have serious concerns there too and am normally the one who is grumpy
on the topic of the so-called PKI, so no worries.

-Phil, who installs CA certs after receiving them PGP-signed
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 163 bytes
Desc: not available
URL: </pipermail/attachments/20090401/2641b749/attachment.pgp>


More information about the Gnupg-devel mailing list