[ale] Key management

Robert Reese ale at sixit.com
Thu May 15 00:10:22 EDT 2008


Hi Kevin,

*********** REPLY SEPARATOR  ***********
On 5/14/2008 at 11:01 AM Kevin O'Neill Stoll wrote:

>Problem being, I don't want to have to distribute O's pub
>key manually to a dozen or 12 dozen sources.

Then what you are saying is that you won't ever send anything from O that is signed or encrypted.  O would only receive.

But there's still a problem: you still have to distribute O's public key to eah client that is to send encrypted data to O.


>In the case of a pks, I would just configure the S clients
>to lookup against an internal pks for the O pub key,
>instead of manually placing a copy locally with each S.

Why would you do that?  You'd force a check each and every time rather than S having O's public key in S's keyring.  That would not be advisable.


>And in reverse, O could lookup the pub key of the signer to
>validate the origin.

That is unnecessary if each of the sender's public key is in O's keyring.


Regardless, here are some links to check out that would seem to satsify your initial request:

OpenPKG
http://www.openpkg.org/

Onak
http://www.earth.li/projectpurple/progs/onak.html

CryptNet
http://cryptnet.net/fsp/cks/

SKS
http://www.nongnu.org/sks/

Cheers,
Robert~

------------------------------------------------------
   * Microsoft is NOT a standard. *
------------------------------------------------------

SIXIT Consulting
O: (478) 599-1301
Cell: 678-438-6955 or (478) 599-1300
Fax: 866-355-3720 (Toll-Free)

2907-I Watson Blvd
#308
Warner Robins, GA 31093-8535
United States





More information about the Ale mailing list