auto refresh-keys
MFPA
expires2010 at ymail.com
Sun Jun 20 03:50:41 CEST 2010
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hi
On Sunday 20 June 2010 at 1:14:59 AM, in
<mid:201006200215.05035.mailinglisten at hauke-laging.de>, Hauke Laging
wrote:
> So in order to be safe you need additional CPU load
> either for TLS or for signing. Signing is superior IMHO
> because it allows reuse of the data (one crypto action
> (covering less data) for several users vs. one for each
> user with TLS) and makes more sense because you don't
> need a second crypto system (X.509) to protect the
> first (OpenPGP).
Starting from where we are now, as far as I know there are no
keyservers that sign their output, but there are keyservers that use
TLS.
And TLS does not have to be x.590. There is a draft spec for using
openpgp keys with TLS http://tools.ietf.org/search/rfc5081 which is
implemented in the GnuTLS library
http://www.gnu.org/software/gnutls/gnutls.html
- --
Best regards
MFPA mailto:expires2010 at ymail.com
Teamwork is essential - it allows you to blame someone else
-----BEGIN PGP SIGNATURE-----
iQCVAwUBTB1z+aipC46tDG5pAQr/ywP9GRgIZrt/hWw/fKY3zXqDGQUCs4MfXoxQ
4BCzIyj5ZFyyVFMm7OsirkWSt0bF1LJCoOlZktk3e4vLaZ3L1A0d3Y0VKgZ0bbto
6ON1wyfJwwPwyElwqywpg0osSRmj8q1tMzanuGX8zmMv2yikUhkoNwjOCxDhByGo
zS31cBkMofQ=
=5j+v
-----END PGP SIGNATURE-----
More information about the Gnupg-users
mailing list