[quote="xrg"]You shouldn't underestimate GPG. It uses the same trust principles as the other system (PKI, SSL) you mention. It's just that it's much easier to build a web of trust on PGP, rather than the commercial CA's.
Anyway, the implementation of ssl certificates wouldn't be much different from the one for GPG. The main idea is that we store the ascii armor blocks for the signed data, in the db. So, if the block can be a PGP one or SSL. Just add bindings to the crypto library, and you're ready .[/quote] I use gpg regularly and love it. However, in the deployment I have in mind I could have 10,000 users with different security offices issuing certificates and revoking them. I don't think gpg will scale well to this environment. Anyway, I will have a look at implementing something along this line. BTW, has anyone looked at client side SSL authentication certificates. I take it that once a client has a certificate it could be used for establishing SSL connection to RPC over HTTPS. ------------------------ Technical Consultant NCTR - http://www.nctr.sd/ -------------------- m2f -------------------- -- http://www.openobject.com/forum/viewtopic.php?p=55590#55590 -------------------- m2f -------------------- _______________________________________________ Tinyerp-users mailing list http://tiny.be/mailman2/listinfo/tinyerp-users
