Tue, 5 Oct 1999 03:17:45 -0400
any scarier than as a file in a filesystem?
Nothing would please me more than to develop a system that 'feels right' as
far as security goes. Obviously, storing private keys in a database would
require very tight security on said databse server.
It is dangerous at any point when a 3rd party (the web mail client, a.k.a
the webserver process) is given the ability to sign/encrypt data using
several different peoples private keys....but is there any way around this?
Thanks for the input....
From: firstname.lastname@example.org [mailto:email@example.com]
Sent: Tuesday, October 05, 1999 2:41 AM
Subject: Re: GPG WebMail
bbatchel> 1. Public and Private keys are held in a database for the user.
this sounds like a pretty scary idea.