On 2011-03-25 1:59 PM, Dane Smith wrote: > Having said that, for those that just use "keys" for e-mails (most of > us), it would make more sense to use full blow SSL certs in the long run.
Please no. PKI is a naive design and for all intents and purposes will remain a pipe-dream. All security relationships that is worth anything is bilateral and no trusted third party is willing to accept enough risk to warrent full trust. Using public keys for auth is a good security model and the rest of x509 certs is just unnecessary overhead. Let's not go there. GPG is good enough. -- Eray Aslan Developer, Gentoo Linux eras <at> gentoo.org
signature.asc
Description: OpenPGP digital signature
