-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 6/2/09 11:02 AM, Stephen Paul Weber wrote: > Somebody signing messages as Peter Saint-Andre wrote: >> As I understood it, we were thinking that clients would generate a >> simple key (not PGP) for use in session security. That key could be >> signed with an OpenPGP key or X.509 cert if the user has such a beast, >> but we would not introduce a dependency on OpenPGP or X.509. > > Instead you would introduce a dependency on some new key format of your > invention? This does not seem to be a win. The benefit of supporting > OpenPGP and X.509 keys is the formats are already standardised, well > understood and supported, and widely depolyed.
No, we would probably use DSA keys. We're not in the business of making new key formats here. :) Peter - -- Peter Saint-Andre https://stpeter.im/ -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAkolXYsACgkQNL8k5A2w/vwtPgCg0auGUut0kZOHraowIjBtjyuD +EcAoJyifc2lHQS+1Lw1v8BQJxqYffMR =ztJa -----END PGP SIGNATURE-----
