can`t verify signature
Gustavo Vasconcelos
gustavo.hlv@gmx.net
Sat Jul 26 10:49:02 2003
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
I still didn't get it.
The greatest advantage of OpenPGP over X.509 is the flexibility of the
web of trust. X.509 works based on CA's, but OpenPGP can be used with
CA's if desired.
So, if a company decides to act as a CA for their emplyes, what's
wrong with that? I could even sign the corporate key, if I could check
the documentation of the company, and the identifications of its CEO's.
I have pubkeys with pseudonyms. Is that wrong? No one will ever be
able to check my ID with documents, but I like it this way for the use
I have for that key.
[]'s
Gustavo
Ben Finney wrote on 26-07-2003 02:48:
| On 26-Jul-2003, Gustavo Vasconcelos wrote:
|
|>I didn't get it. What is the problem on using a corporate key
|
| The fact that a corporation is not an individual.
|
- --
This message is protected with OpenPGP digital security features.
OpenPGP KeyID: 0xFF006747
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/IkDMGVGVi/8AZ0cRAl53AJoCoQycvhQmjwRNTOSXlT12ptCCKQCcD5gj
p6W7OuQ4pAygsTScemd4RCU=
=+Wbv
-----END PGP SIGNATURE-----