At 6:29 PM +0100 9/13/2000, Ben Laurie wrote:
>"Arnold G. Reinhold" wrote:
>>
>
>
> > >There's really nothing stopping an implementation of SSL that uses PGP
>> >for key verification. All that's really required at the end of the day
>> >is some ASCII (to check the server name) and a public key, verified
>> >according to the requirements of the, err, verifier.
>> >
>>
>> Allowing SSL to accept PGP keys might be handy in other contexts, but
>> not here. If Bob wants to rule out a MITM attack and he somehow has
>> an active PGP key (other than his own) that he trusts, he can simply
>> send PGP-encrypted mail asking that key holder to verify Bob's public
>> key at the key servers.
>>
>> The value of SSL in this context is that every PC comes with a set of
>> certs that can be used to validate an SSL link. (Mine came with 66
>> certs) Bob can walk into any computer store and buy a PC or a Windows
>> disk off the shelf. Unless the MITM attacker has access to the
>> private portion of these keys (perhaps a risk if your expected threat
>> is United Spooks of Earth), and is willing to risk that compromise
> > being exposed, his electronic bubble is pierced.
>
>I was addressing "SSL might be anathema to the PGP community since it
>depends on a CA model for trust distribution".
>
And I guess what I meant by that was that the the PGP community might
not be happy relying on the PKI/CA's of the world to help PGP counter
the MITM attack. But in fact the PKI/CA's as they exist today allow
one to do just that.
Best,
Arnold
