arghman wrote: > * is this a bad idea? It is a _hard_ idea. It is not necessarily a bad or stupid idea. Like most things, whether it's inspired lunacy or just insane depends a lot on your particular problem domain. :)
X.509 (the standard used by freemail certs) and OpenPGP use the same underlying algorithms, but the protocols are dramatically different. Making them interoperate is hard, and is usually not worth it. > * if I sign a message with that key pair, and someone challenges my > identity, what's the best/easiest way for me to prove my identity? You can't. Identity cannot be proven. Evidence can be presented, but someone can always say, "no, no, I don't accept that as a form of ID." Just because some people accept a given method doesn't make the method good, and just because some people refuse a given method doesn't make it bad. As an example, I recently needed to get a driver's license for a new state. The unhelpful people at the Motor Vehicle Administration told me I needed two forms of government-issued photographic ID, a copy of my lease, and a utility bill in my name. I asked what they were going to do with my lease and utility bill. "Just check to see the name matches." You don't call the utility company, or call my landlord, or do anything else to check? "No. The law doesn't allow us to. Your privacy is respected." So -- I stopped myself just in time before I said "-- given that pretty much everyone has a desktop publishing setup nowadays and can forge these documents in an hour, why do you bother demanding them if you're not even going to check them?" But I decided that would probably get me some Quality Time with a state trooper, so I shut up. > * is there a tutorial on openpgp, S/MIME, openssl certificates as to what > the different cryptographic assertion primitives are, from the standpoint of > a user who treats the algorithms/tools as a black box? The best I've found is PGP Corporation's "Introduction to Cryptography." _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
