--
James A. Donald:
> > > > SSH server public/private keys are widely deployed.
> > > > PKI public keys are not. Reason is that each SSH
> > > > server just whips up its own keys without asking
> > > > anyone's permission, or getting any certificates.
Eric Murray:
> > > ..which means that it
On Thu, Sep 04, 2003 at 10:48:55PM -0700, James A. Donald wrote:
>
> On 4 Sep 2003 at 7:56, Eric Murray wrote:
> > ..which means that it [ssh-- ericm] still requires an OOB authentication.
> > (or blinding typing 'yes' and ignoring the consequences). But
> > that's another subject.
>
> Not true
On Wed, Sep 03, 2003 at 08:27:18AM -0700, James A. Donald wrote:
> --
> SSH server public/private keys are widely deployed. PKI public
> keys are not. Reason is that each SSH server just whips up its
> own keys without asking anyone's permission, or getting any
> certificates.
.which mean
--
James A. Donald:
> > Outlook and outlook express support digital signing and
> > encryption -- but one must first get a certificate.
> >
> > Now what I want is a certificate that merely asserts that
> > the holder of the certificate can receive email at such and
> > such an address, and tha
--
3 Sep 2003 at 20:16, Anonymous via the Cypherpunks wrote:
> Here is an interesting post regarding the CA issue:
>
> http://lists.spack.org/pipermail/wordup/2003/000684.html
>
> You may want to look at http://www.cacert.org. It may do what
> you want.
Their free client certificates are no d
On Wed, 3 Sep 2003, James A. Donald wrote:
> --
> SSH server public/private keys are widely deployed. PKI public
> keys are not. Reason is that each SSH server just whips up its
> own keys without asking anyone's permission, or getting any
> certificates.
>
> Outlook and outlook express supp
> Outlook and outlook express support digital signing and
> encryption -- but one must first get a certificate.
>
> Now what I want is a certificate that merely asserts that the
> holder of the certificate can receive email at such and such an
> address, and that only one such certificate has been