On Thu, 13 Nov 2003 13:27:47 +0100, Philipp Morger <[EMAIL PROTECTED]> said:
> On Wed, Nov 12, 2003 at 18:38:54 +0100, Alexander Gall wrote: >> On Wed, 12 Nov 2003 18:21:08 +0100, Philipp Morger <[EMAIL PROTECTED]> said: >> > mails... the problem is, that there's almost no security mechanism in >> > place - I doubt that if switch would provide (and please do) a way to >> > submit a gpg-key to get emails encrypted that it would be used by a wide >> > userbase anyway... >> >> And how do you propose to verify the user's key? This is a BIG can of > Sounds like it's time for a Switch-PGP Keysigning Party... - So if one > is in the "Web-of-trust" then he's authenticated :) Right. Let's have a party with all 500'000 customers[*]. This is precisely the situation that does not fit the web-of-trust model. Yes, it will only be a handful of people who are willing/able to use PGP, but would you implement a system that you know won't scale? Try again, please :-) -- Alex [*] In fact, it would be enough for SWITCH to authenticate each customer, they don't have to trust each other. ---------------------------------------------- [EMAIL PROTECTED] Maillist-Archive: http://www.mail-archive.com/swinog%40swinog.ch/
