[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]Authorization Certificates

From: Adam Theo
Subject: Re: [Auth]Authorization Certificates
Date: Wed, 18 Jul 2001 23:31:52 -0400

Norbert Sendetzky wrote:
> > the solution, i believe, firmly rests in PKI. PKI is Public Key
> > Infrastructure, for those who don't know, and it is outlined:
> >
> > * everyone has a certificate, or maybe multiple ones (don't see why, but
> > it's possible).
> > * each certificate/user is 'certified' by someone else. it can be a
> > friend, bank, family member, etc. anyone.
> > * when you go to deal with this person, you may not know them, but the
> > trick is to find a "link" with people who you trust, and who also trust
> > this other person.
> > * this can all be handled automatically, so to be virtually seamless to
> > you and everyone else.
> That's the way PGP/GPG does!
> It's secure, already there and has been proven over a long period of time.

hi. yep, PGP/GPG does very similar.

i just published an idea of how Trust can work in the Jabber Identity
project I am working on at . the Draft
is at:

it does not involve PGP and GPG, or even PKI to a large degree, because
it does not need 'Keys' or 'Certificates'. authentication is handled by
the jabber login system instead. but this draft outlines the 'lines of
trust' that can be used in a system which has some alternate
authentication system in place.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]