lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
From: poirotsj at gci.net (Steve Poirot) Subject: PGP vs. certificate from Verisign Thawte does still issue free email certificates. You can have your name rather than your email address as the CN if you have roughly three Thawte Notaries verify your id. The number of notaries required depends on how many points the particular notaries are allowed to issue. The Thawte site has a way to look up notaries in your area. Does anyone know if there is a way to use S/MIME with AOL? I am not an AOL user, but I searched there site and couldn't find anything about security, let alone S/MIME. If they really don't support S/MIME, PGP would be the way to go if you need to have regular (signed/encrypted) correspondence with AOL users. Steve Poirot Evans, TJ (BearingPoint) wrote: >At one time, i.e. - don't know if it still the case - Thawte would issue a >"personal cert" free. > >One advantage PGP has is the existing infrastructure for key distribution, >so that you do not necessarily need to have someone's public key (yet) in >order to encrypt to them or verify their signature. If they have pushed it >out to the publicly accessible key-servers you can get it as needed. But >again - it depends on what problem you are trying to solve and your >preferred method of doing so. > > >TJ >-----Original Message----- >From: Anne Carasik [mailto:gator@...l.cacr.caltech.edu] >Sent: Friday, May 09, 2003 3:46 PM >To: Kamal Habayeb >Cc: full-disclosure@...ts.netsys.com >Subject: Re: [Full-Disclosure] PGP vs. certificate from Verisign > >OpenPGP is free :) as are other implementations of PGP. > >Paying VeriSign to create a digital certificate for you >is not worth it, considering most of the encryption you >run into in the wild is PGP keys. > >-Anne > > >Kamal Habayeb grabbed a keyboard and typed... > > >>Greetings, >> >>I'm trying to get some expert opinions on which is better. Using Outlook >>2002, would it be better to use PGP to encrypt messages or use the >> >> >built-in > > >>option with a digital certificate from Verisign (or some other CA)? >> >>Thanks, >> >>Kamal >> >> > > > >****************************************************************************** >The information in this email is confidential and may be legally >privileged. Access to this email by anyone other than the >intended addressee is unauthorized. If you are not the intended >recipient of this message, any review, disclosure, copying, >distribution, retention, or any action taken or omitted to be taken >in reliance on it is prohibited and may be unlawful. If you are not >the intended recipient, please reply to or forward a copy of this >message to the sender and delete the message, any attachments, >and any copies thereof from your system. >****************************************************************************** > >_______________________________________________ >Full-Disclosure - We believe in it. >Charter: http://lists.netsys.com/full-disclosure-charter.html > > > -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030509/d3712e8e/attachment.html
Powered by blists - more mailing lists