1998-06-23 - Re: Verisign & NAI Join Forces, PGP out the door? (fwd)

Header Data

From: Lucky Green <shamrock@cypherpunks.to>
To: Max Inux <maxinux@bigfoot.com>
Message Hash: 90383e3a08310c76b39e4d3d38f9a1cba4a39b22c7678e6a97b1a5d33a093b82
Message ID: <Pine.BSF.3.96.980623235326.12905F-100000@pakastelohi.cypherpunks.to>
Reply To: <Pine.LNX.3.96.980623131241.13141B-100000@khercs.chipware.net>
UTC Datetime: 1998-06-23 23:11:27 UTC
Raw Date: Tue, 23 Jun 1998 16:11:27 -0700 (PDT)

Raw message

From: Lucky Green <shamrock@cypherpunks.to>
Date: Tue, 23 Jun 1998 16:11:27 -0700 (PDT)
To: Max Inux <maxinux@bigfoot.com>
Subject: Re: Verisign & NAI Join Forces, PGP out the door? (fwd)
In-Reply-To: <Pine.LNX.3.96.980623131241.13141B-100000@khercs.chipware.net>
Message-ID: <Pine.BSF.3.96.980623235326.12905F-100000@pakastelohi.cypherpunks.to>
MIME-Version: 1.0
Content-Type: text/plain


The primary difference between X.509v3 vs. PGP keys is one of format, not
of function. There is nothing you can do in native PGP key format that you
can't do in X.509.

However, many companies mandate keys to be kept in X.509 format
for compatibility reasons (you can then put the key on a smartcard, etc.).
What this move will mean is that PGP will make further inroads into the
corporate world and that strong crypto will be used more widely.

Standardization is a Good Thing.

--Lucky

On Tue, 23 Jun 1998, Max Inux wrote:

> This is what I was able to find out about the Verisign/NAI partnership.
> 
> -- Max Inux (MaxInux@bigfoot.com) UIN: 207447, http://khercs.chipware.net 
> Strong Cryptography makes the world a safer place- PGP: 0x5CCFCA59
> Or Kinky sex makes the world go round- Christie: Your in my sig too
> ^^ If Cryptography is outlawed,  only outlaws will have cryptography ^^
> 
>  
> 
> ---------- Forwarded message ----------
> Date: Tue, 23 Jun 1998 10:22:26 -0700
> From: Jon Callas <jon@pgp.com>
> To: Max Inux <maxinux@bigfoot.com>, Sean_Paswater@nai.com
> Cc: chip@chipware.net, jon@pgp.com
> Subject: Re: Verisign & NAI Join Forces, PGP out the door? (fwd)
> 
> At 08:10 PM 6/22/98 -0700, Max Inux wrote:
>    Chip and Jon:
>    
>    Chip:  Have any insight into this or is this gonna be like the TIS scare
>    w/ Key Escrow?
>    
>    Jon:  Since Chip will probably end up asking you or some of the other
>    higher ups if he is unsure, Is there any truth to this story, or is this
>    TIS #2?
>    
> The tale is true -- it's the *interpretation* that's bogus. PGP is not out
> the door. PGP will be doing X.509 too. There's not a lot of difference
> between an X.509 certificate and a PGP key signature. They do the same
> thing. What you'll be able to do is have Verisign sign your key. The first
> steps of this are coming this fall -- you'll be able to drop an X.509 cert
> into your keyring and it will magically transform itself into a PGP key. At
> first, you'll only be able to use it with TLS (a.k.a. SSL), which is also
> coming this fall. 
> 
> 	Jon
> 
> 
> 
> -----
> Jon Callas                                  jon@pgp.com
> CTO, Total Network Security                 3965 Freedom Circle
> Network Associates, Inc.                    Santa Clara, CA 95054
> (408) 346-5860                              
> Fingerprints: D1EC 3C51 FCB1 67F8 4345 4A04 7DF9 C2E6 F129 27A9 (DSS)
>               665B 797F 37D1 C240 53AC 6D87 3A60 4628           (RSA)
> 
> 


-- Lucky Green <shamrock@cypherpunks.to> PGP v5 encrypted email preferred.
   "Tonga? Where the hell is Tonga? They have Cypherpunks there?"






Thread