On Sat, Nov 26, 2011 at 11:36:11PM +1100, ianG wrote: > As far as I can see, this is a third party repository for the keys. > Which claims to reliabily deliver the keys on request?
Approximately yes, with a couple of additional notes: - it isn't one third party, but a cooperating group of third parties. So long as one of the third parties performs its role correctly, keys cannot be removed from the repository - the keys it distributes aren't the operational keys you would use on your servers, but rather an offline key that you should cross-sign your operational keys with. So if your webserver gets hacked, you don't need to go to the trouble of revoking/reissuing your Sovereign Key. -- Peter Eckersley [email protected] Technology Projects Director Tel +1 415 436 9333 x131 Electronic Frontier Foundation Fax +1 415 436 9993 _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
