GPG WebMail

Bryan Batchelder
Tue, 5 Oct 1999 03:17:45 -0400

any scarier than as a file in a filesystem?

Nothing would please me more than to develop a system that 'feels right' as
far as security goes.  Obviously, storing private keys in a database would
require very tight security on said databse server.

It is dangerous at any point when a 3rd party (the web mail client, a.k.a
the webserver process) is given the ability to sign/encrypt data using
several different peoples private keys....but is there any way around this?

Thanks for the input....


-----Original Message-----
From: []
Sent: Tuesday, October 05, 1999 2:41 AM
Subject: Re: GPG WebMail

bbatchel> 1.  Public and Private keys are held in a database for the user.

this sounds like a pretty scary idea.