mobile GPG installation

Werner Koch wk@gnupg.org
Mon May 12 09:10:02 2003


On Sun, 11 May 2003 22:30:58 +0200, Martin Bretschneider said:

> That strage since Philip R. Zimmermann has worked for/still works
> for/has founded this enterprise... Ask goole or heise.de for details;)

He also worked for NAI who - afaik - released a tool to create
self-decrypting PGP files ...

> Yes maybe the server-browser-connection (e.g. SSL 128bit) is less
> secure than OpenPGP itself.

The primary problem with SSL is the required PKI which frankly does
not exists.  Look into most browsers and you will find root
certificates from very questionable organisations; i.e. it is not hard
to create a faked certificate.

-- 
  Nonviolence is the greatest force at the disposal of
  mankind. It is mightier than the mightiest weapon of
  destruction devised by the ingenuity of man. -Gandhi