OpenPGP as a network authentication scheme

The OpenPGP standard is RFC 2440. It pairs standard public-key cryptography with a decentralized key distribution and verification infrastructure known as the web of trust.

RFC 5081 specifies how to use OpenPGP keys in TLS connections.

Web of Trust

FIXME: more to be written here soon

How it works

Why choose the Web of Trust over other PKI

  • decentralization
  • simple keyserver-based revocation
  • freedom of tools
  • multiple certifiers per certificate (no certifier lock-in)
  • flexible trust models (you decide whom you trust and how)

OpenPGP tools

