| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun Sep 18 03:34:37 2005 From: aditya.deshmukh at online.gateway.strangled.net (Aditya Deshmukh) Subject: PGPNet Upgrade path ? gem@...lim.com Wrote : > IPSEC has nothing to do with PGP. Also there is really no such thing > as a PGP key. PGP uses what ever key scheme you ask it to use. IPSEC > is the same way. Both use keys, but are not themselves key standards. > > OpenVPN similarly can use what ever key scheme you wish. Since it is > based on the OpenSSL crupto libs it is very flexible that way. For > simple setups you can use pre-shared keys. For more complex setups > you can use public/private key pairs of any type that OpenSSL > understands. This is the main problem - how do I get PGP key server keys in a format Openssl understand ? And I have implemented CA and ipsec vpn using freeSWAN.org + x.509 patch it works pretty nicely, but here in this case the public/private KEYs are in a different format... > IMHO, if OpenVPN does not do what you want then you misunderstand the > problem. The problem is very clear : how do I tranlate PGP keys to a format X.509 / openssl can understand ? I havent a solution to this one yet. m@...j.nl Wrote : > >I know for ipsec VPNs I could use the winxp's builtin > >But that would require moving all the PGP keys to > >X.509 certs. > > Yes, absolutely. For OpenVPN you need to use X509 certs, you > will have to rework your whole PKI. However: I have already used openvpn and (free|open|whatever)swan, have created openssl CA with batch files that run both on windows and linux/freebsd/solaris at other sites.... All these programs are great in own right but I cannot connect the Dots. > > So if you consider dropping PGP all together, have a look at OpenVPN. This is the last option. If nothing is found then it is going to be openvpn But meanwhile I need a VPN that uses PGP keys for auth that are stored in PGP Key Server, does not matter If it free or paid but if anyone know that There is such a program please let me know.... Thank you in advance for the time taken to dig out the answers :) ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3442 bytes Desc: not available Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050918/4e351c67/smime.bin
Powered by blists - more mailing lists