| From: James Knott via talk <[email protected]> | The proper way to do digital signatures is with X.509 certificates. When I was | at IBM, in the late 90s, we used them in Lotus notes. There are some public | key sources available, but it's not very common outside of large | organizations.
Maybe. The troubles include: - issuers should take on the responsability to validate what they are vouching for. It is hard to make this simultaneously useful and inexpensive. - cert vendors are mostly rent-seeking. That goes with the territory of being at the top of a hierarch - X.509 is complicated in ways that are not useful The PGP web of trust is/was interesting but it doesn't seem to work for most people. Perhaps due to lack of motivation. --- Post to this mailing list [email protected] Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
