[gnutls-dev] OpenPGP security for web servers, again
John Belmonte
john at neggie.net
Tue Feb 3 14:20:09 CET 2004
I've always been frustrated with the lack of PGP support for HTTP. Why,
when the people I need to grant access to my web site all have PGP
keys, do I have to deal with weak authentication schemes, forcing users
to remember new passwords, and the poorly-designed X.509 system?
I was surprised to find out that in 1995 the NCSA HTTP server and
browser already had PGP support [1]. It was removed due to now-defunct
export laws of the U.S.
When will such functionality ever be returned to the most popular free
HTTP server and browser? It seems that with opencdk and the unique
OpenPGP support in gnutls being under the GPL, we'll never see this
support put into Apache. Does the new Apache license change the situation?
Regards,
-John Belmonte
[1] http://hoohoo.ncsa.uiuc.edu/docs/PEMPGP.html
More information about the Gnutls-dev
mailing list