TLS client authentication, Re: openPGP vs x509
Mads Laursen
gnupg at dossen.dk
Wed Apr 7 14:07:30 CEST 2004
On 07/04/04 13.22, Holger Sesterhenn wrote:
> Hello,
>
> Werner Koch wrote:
>
> > TLS provides such a mechanism but sane users don't hand their money
> > over to Verisign for a user certificate. I don't know whether
> > browsers support this at all.
>
> It's called 'client authentication' and you have to import this special
> certifacte into your browser. IE, NS and Mozilla do support such
> behaviour since ages.
>
> I'am working with such a configuration every day. Of course we have
> created our own certificate hierachy. No need for Verisign.
Just adding a data-point: This is also in use for government<->citizen
communication in Denmark (e.g. I used it to file my tax 'papers'), and
it works pretty good.
/dossen
--
Common sense is the collection of prejudices acquired by age eighteen.
-- Albert Einstein
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/attachments/20040407/4524a69c/attachment.bin
More information about the Gnupg-users
mailing list