-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Somebody signing messages as Peter Saint-Andre wrote: > As I understood it, we were thinking that clients would generate a > simple key (not PGP) for use in session security. That key could be > signed with an OpenPGP key or X.509 cert if the user has such a beast, > but we would not introduce a dependency on OpenPGP or X.509.
Instead you would introduce a dependency on some new key format of your invention? This does not seem to be a win. The benefit of supporting OpenPGP and X.509 keys is the formats are already standardised, well understood and supported, and widely depolyed. - -- Stephen Paul Weber, @singpolyma Please see <http://singpolyma.net> for how I prefer to be contacted. edition right joseph -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iQIcBAEBCAAGBQJKJVsTAAoJENEcKRHOUZzeTPsP+gLK0dTtOP/t7iah9+GJStbT sqCd7TUttz1/RHm6RvzC3C/Picxm15HVml+YVGJ37gUooOe/hiFc0EJ81VuRaaDj zRmwjn0mB8IXbCWeeZyEHGGbRsgcKCyTqoKZK+SdxAIJxyd9zI4X2Dh+AnapHX5M UiGQIpSdqThR1oQmq4N1eZXWGy+PhYsuIfBz4ZtTs5ArIszWaRYGLYiPLEh2RG4O PJ+4S9LEeQNQZaIVzXdfG0t5fHWKuglmhGz+6o1hZGKq4LRMx6Tyn9Fu4guQZuzx QK12n7gAkBYt727+IRYMEq8tpLT/UvW7uXYocmEf4LPSGIdrzmkj70EVFk+N7nPE odFhCXwbw7uvqgzjrZWUu2mkKPnhzEsC7pt35XCb/o8NCPY0SJqTctJMm5EZCqHy 9rYmFqxGdUZR+umgjwyqALhW7zuInz1kNs4SQe2erldPcaB90j0PcRPuef0YzuWy 1AZkJY13WMNq1nKGCyzRoBZ8+i0CCyhc1YmZjY071EpSKdKlLC4vTXBdy48ao9pA sdxX4JKmurOMZ3zC8S9izT/J9dwjOpUDDr8qh6aOMiYBFxjzGyz4VzWePQwcFvng s628Ue2OzdrcdkSf/B7LLrJ+5GGc51vJB8aLjW+U1mE4UTRHC9svyrSqSSVwnofE oIhrIEwR9bCDrnXmmpn2 =lsn3 -----END PGP SIGNATURE-----
