PGP uses (almost) the same authentication model (public key-based signatures
of key) as any other key hierarchy. The only difference is that with PGP,
you can decide who to trust for yourself.
As the IS manager, I create a key and then manually sign all the keys for
other employees. My key is added to each of their key-rings and they then
can trust any key with my signature on it. Key management becomes much
easier than using "pay as you go" style authentication by a company who
barely runs a background check.
You can run your own PKI very easily using PGP's tools -- and you're in full
control.
----- Original Message -----
From: "Jose Nazario" <[EMAIL PROTECTED]>
To: "Naor Lipa" <[EMAIL PROTECTED]>
Cc: "'[EMAIL PROTECTED]'" <[EMAIL PROTECTED]>
Sent: Wednesday, February 07, 2001 11:35 AM
Subject: Re: Auth. for mail messages
On Wed, 7 Feb 2001, Naor Lipa wrote:
> We are using outlook 2000, and I am conidering using PGP plug-in for
> them. Do you have any ideas?
PGP's trust model is nice, but hardly bulletproof given it's a user based
web of trust. have you condsidered S/MIME with a small PKI, one which you
could integrate with other collaborators?
____________________________
jose nazario [EMAIL PROTECTED]
PGP: 89 B0 81 DA 5B FD 7E 00 99 C3 B2 CD 48 A0 07 80
PGP key ID 0xFD37F4E5 (pgp.mit.edu)
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
