Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Full Disclosure: Re: PGP vs. certificate from Verisign

Re: PGP vs. certificate from Verisign

From: Shawn McMahon <smcmahon_at_eiv.com>
Date: Sun, 11 May 2003 19:09:01 -0400

On Sat, May 10, 2003 at 02:57:12AM +0200, yossarian said:
> What I wonder - will Verisign have set up CRL servers yet? Remember the IE
> problem when someone got hold of MS certificates? The MS-fix was
> blacklisting them locally, the real problem was that there was no revocation
> servers. Then again, how many concurrent connections would they get if MS
> sent out a critical update?
>
> So - stick to PGP - forget about PKI.

Pardon me if a clue whizzed by while I was working, but I read this as
"PKI doesn't have any way to guarantee ad-hoc revocation of a
certificate, so stick to PGP, which also doesn't have any way to
guarantee ad-hoc revocation of a certificate". 

-- 
Shawn McMahon     | Let every nation know, whether it wishes us well or ill,
EIV Consulting    | that we shall pay any price, bear any burden, meet any
UNIX and Linux	  | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  • application/pgp-signature attachment: stored
Received on May 11 2003
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]