lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
From: dantams at myrealbox.com (Daniel Tams)
Subject: PGP vs. certificate from Verisign

Yes, they still offer the free certificate. I have one myself. Here
http://www.dallaway.com/acad/webstart/ is a writeup on how you can use
that free certificate to even sign your Java apps. 

It is very annoying however that only very few developers properly sign
their public keys/certtificates. Most just self-sign it. This is the
case with X.509 as well as PGP. Whether you use PGP or X.509 you should
always make sure it is signed by someone else, preferrably someone
trusted, otherwise the whole idea goes down the sink as any script
kiddie could create a public key/certificate with your name and e-mail
address on it. The hard part is getting others to vouch for its
authenticity. At some computer fairs you will find a booth where you can
get your public PGP key signed by a trusted authority (at the CeBit it's
c't magazine).

- Daniel

On Fri, 2003-05-09 at 23:48, Evans, TJ (BearingPoint) wrote:
> At one time, i.e. - don't know if it still the case - Thawte would
issue a
> "personal cert" free.  
> 
> One advantage PGP has is the existing infrastructure for key
distribution,
> so that you do not necessarily need to have someone's public key (yet)
in
> order to encrypt to them or verify their signature.  If they have
pushed it
> out to the publicly accessible key-servers you can get it as needed. 
But
> again - it depends on what problem you are trying to solve and your
> preferred method of doing so.
> 
> 
> TJ


Powered by blists - more mailing lists