On 10/12/2010 04:25 PM, Michal Kleczek wrote:
On Tuesday 12 of October 2010 16:13:14 Sim IJskes - QCG wrote:
On 10/12/2010 04:10 PM, Michal Kleczek wrote:
On Tuesday 12 of October 2010 16:04:41 Sim IJskes - QCG wrote:
On 10/12/2010 03:39 PM, Michal Kleczek wrote:
Or your code is signed with PGP - but I don't have a PGP verifier
installed. Is it possible for you to provide me with third party PGP
verifier code that in turn is signed with a standard X509 certificate?
Why PGP? The PKI is the same. The CA's signing domain related
certificates are creating the inflexibility.
Exactly... Hierarchical CAs are inflexible - that's why PGP (or SPKI) :)
Strange reasoning. I'm my own CA. Whats the problem?
Your CA certificate is self-signed. How can I trust it?
Exactly. PKI is delegation of trust. If you dont trust the CA (or dont
want to pay the CA to trust you), it ends here.
PKI is no replacement of trust.
Gr. Sim
