Keyservers and the future
Mark H. Wood
mwood at IUPUI.Edu
Fri May 20 16:21:36 CEST 2005
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Thu, 19 May 2005, Radu Hociung wrote:
[snip]
> That's why I am asking the question: could PGP cope if all, or a
> significant proportion of all domains were to enable some kind of email
> transport authentication?
I don't see any connection. PGP is a sublayer of the application layer.
Transport-layer trust is a separate issue. PGP takes no notice of
transport mechanisms.
If I receive a message with an invalid PGP signature, or an unsigned
message from someone who habitually signs messages, I don't care how many
MTAs swear that the address is trustworthy; the *message* still appears to
be a forgery.
Transport authentication and message authentication address different
problems. The only effect of widespread transport authentication on PGP
ought to be a small decline in use of PGP by people who don't understand
the distinction and are enjoying a false sense of security.
- --
Mark H. Wood, Lead System Programmer mwood at IUPUI.Edu
Open-source executable: $0.00. Source: $0.00 Control: priceless!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
Comment: pgpenvelope 2.10.2 - http://pgpenvelope.sourceforge.net/
iD8DBQFCjfJzs/NR4JuTKG8RAsz+AJ9+TOxmCVpeckFiobDu2wkttPL/3QCePsfN
LPwR0LQpeDMaagviTdS0HzA=
=JW+d
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list