multiple subkeys and key transition

Daniel Kahn Gillmor dkg at
Sun Dec 12 00:49:23 CET 2010

On 12/11/2010 06:22 PM, MFPA wrote:

> A question on the subject of SSL/TLS certificates and HTTPS: often
> there is no user requirement to "authenticate" the identity of the
> server, but rather a simple requirement to prevent snooping; why does
> this need a certificate?

"prevent snooping" means "only me and the remote server i'm connected to
has access to the communication".

if you don't know who the remote server actually *is*, you cannot
prevent snooping by a man-in-the-middle.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 900 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101211/8f2038ad/attachment.pgp>

More information about the Gnupg-users mailing list