From: "Pat Farrell" <pfarrell@netcom.com>
Date: Wed, 2 Mar 94 12:51:10 PST
To: mccoy@ccwf.cc.utexas.edu
Subject: PEM, was Re: low-overhead encrypted telnet
Message-ID: <57220.pfarrell@netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


In message Wed, 2 Mar 1994 11:55:32 -0600 (CST),
  Jim McCoy <mccoy@ccwf.cc.utexas.edu>  writes:
> I sincerely doubt that such a system would be designed or implemented
> before the turn of the century.  All one needs to do is take a look at the
> PEM key certification authority clusterfuck to see just how difficult it
> can be to implment something like this.

I have to admit that PEM's RSN availability against PGP 2.X's 20+ months
of worldwide availability has made me not keep up with PEM and the
latest hierarchical, government controlled certification process...

But is there an intrinsic problem with a PGP-style web of trust for
remote telnet/rlogin applications. I really don't expect to login to
arbitrary nodes on the net, but is that required? or simply a robust way
(SecureID in software?) Maybe PCMCIA cards with PGP once desktop systems
have them.

If i'm cluelessly missing something essential, please email me the news.

Thanks
Pat

Pat Farrell      Grad Student                 pfarrell@gmu.edu
Department of Computer Science    George Mason University, Fairfax, VA
Public key availble via firger          #include <standard.disclaimer>