[gnutls-dev] OpenPGP security for web servers, again
john at neggie.net
john at neggie.net
Sat Jan 31 11:00:18 CET 2004
I've always been frustrated with the lack of PGP support for HTTP. Why,
when the people I need to grant access to my web site all have PGP keys, do
I have to deal with weak authentication schemes, forcing users to remember
new passwords, and the poorly-designed X.509 system?
I was surprised to find out that in 1995 the NCSA HTTP server and browser
already had PGP support [1]. It was removed due to now-defunct export laws
of the U.S.
When will such functionality ever be returned to the most popular free HTTP
server and browser? It seems that with opencdk and the unique OpenPGP
support in gnutls being under the GPL, we'll never see this support put into
Apache. Does the new Apache license change the situation?
Regards,
-John Belmonte
[1] http://hoohoo.ncsa.uiuc.edu/docs/PEMPGP.html
More information about the Gnutls-dev
mailing list