On Sat, Nov 26, 2011 at 11:36:11PM +1100, ianG wrote:
> As far as I can see, this is a third party repository for the keys.
> Which claims to reliabily deliver the keys on request?

Approximately yes, with a couple of additional notes:

- it isn't one third party, but a cooperating group of third parties.  So long
  as one of the third parties performs its role correctly, keys cannot be
  removed from the repository

- the keys it distributes aren't the operational keys you would use on your
  servers, but rather an offline key that you should cross-sign your
  operational keys with.  So if your webserver gets hacked, you don't need to
  go to the trouble of revoking/reissuing your Sovereign Key.

-- 
Peter Eckersley                            [email protected]
Technology Projects Director      Tel  +1 415 436 9333 x131
Electronic Frontier Foundation    Fax  +1 415 436 9993
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to