MS and PKI (was RE: Mutt/GnuPG-Outlook-plugin diffs...)

Dennis Lambe Jr. malsyned at cif.rochester.edu
Sun Feb 22 10:59:36 CET 2004


On Thu, 2004-02-12 at 14:06, gabriel rosenkoetter wrote:
> Outlook can recognize PGP/MIME messages as being cryptographically
> verifiable, though it can't cryptographically verify them. (Outlook,
> as of maybe 2000 or so--the version number, not the year--supports
> S/MIME natively. I don't believe it does not nor will it probably
> ever support PGP/MIME natively: Microsoft is heavily behind
> third-party certificate systems rather than PKI systems.)

I don't really understand this conflict between 3rd-party cert systems
and PKI systems.  Perhaps I'm missing some subtle nuance, but isn't PKI
a proper superset of 3rd-party cert?  That is, couldn't OpenPGP be used
to the same effect simply by assigning full trust to VeriSign, Thawte,
CACert, etc.'s hypothetical OpenPGP public keys?  Coupled with some kind
of secure-ish key distribution (like the physical media + holography
that Windows defaults to trusting) don't you have exactly the same
security as with MS's X.509 implementation, with the addition of PKI and
encryption at your option?

--D
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 279 bytes
Desc: This is a digitally signed message part
Url : /pipermail/attachments/20040222/781dbb04/attachment.bin


More information about the Gnupg-users mailing list