OpenPGP as a network authentication scheme
the OpenPGP standard is RFC 2440. It pairs standard Public-key cryptography with a decentralized key distribution/verification infrastructure, known as the web of trust.
RFC 5081 specifies how to use OpenPGP keys in TLS connections.
Web of Trust
FIXME: more written here soon
How it works
Why choose the Web of Trust over other PKI
- decentralization
- simple keyserver-based revocation
- freedom of tools
- multiple certifiers per certificate (no certifier lock-in)
- flexible trust models (you can decide how/who you trust)
OpenPGP tools
- The GNU Privacy Guard, aka GnuPG or gpg
- enigmail, a plugin for Thunderbird, the Mozilla Foundation's e-mail client.
- enigform
- fireGPG
- mod_auth_openPGP
- GnuTLS
other links
- an article by dkg on debian-administration.org
- OpenPGPandSSH
Last modified 5 years ago
Last modified on Jan 4, 2008 4:14:20 PM
