On 20.02.2013 21:12, M.-A. Lemburg wrote: > On 20.02.2013 21:03, Donald Stufft wrote: >> On Wednesday, February 20, 2013 at 3:02 PM, Daniel Holth wrote: >>> You know how to do S/MIME; how much harder would it be to use X.509 >>> signatures as are supported with openssl and bundled GUI cert managers on >>> all OSs? >> >> Signing tech doesn't really matter. I suspect societal and possibly legal >> requirements >> will make that choice over technical reasons. > > Relying only on OpenSSL would have the great advantage of being able > to all the verification/signing/key generation in Python. > > But it's missing an infrastructure to revoke keys, unless you also > implement SSL key revocation mechanisms and have users get official > paid/free SSL client certificates from certificate vendors that > provide CRLs or support OTRS.
Sorry, s/OTRS/OCSP/ .. though using a ticket system for revocations doesn't sound all that strange either :-) -- Marc-Andre Lemburg eGenix.com Professional Python Services directly from the Source (#1, Feb 20 2013) >>> Python Projects, Consulting and Support ... http://www.egenix.com/ >>> mxODBC.Zope/Plone.Database.Adapter ... http://zope.egenix.com/ >>> mxODBC, mxDateTime, mxTextTools ... http://python.egenix.com/ ________________________________________________________________________ ::::: Try our mxODBC.Connect Python Database Interface for free ! :::::: eGenix.com Software, Skills and Services GmbH Pastor-Loeh-Str.48 D-40764 Langenfeld, Germany. CEO Dipl.-Math. Marc-Andre Lemburg Registered at Amtsgericht Duesseldorf: HRB 46611 http://www.egenix.com/company/contact/ _______________________________________________ Catalog-SIG mailing list [email protected] http://mail.python.org/mailman/listinfo/catalog-sig
