KEYDIST mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: keydist@cafax.se
From: Paul Hoffman / IMC <phoffman@imc.org>
Date: Mon, 7 Jan 2002 13:23:23 -0800
Sender: owner-keydist@cafax.se
Subject: Definitions of keys and certs

Let's toss a bit more fat on the fire here. Some people have been 
claiming that they only care about bare public keys; I disagree with 
a subset of that group.

A bare public key that you will only trust if you trust a public key 
that has signed it is not a public key: it is a part of a 
certificate. DNSSEC "keys" are in fact not keys, they are a part of a 
certificate.

A bare public key that you will trust based on out-of-band 
information is in fact a public key. SSH public keys usually match 
that definition.

These are not the same thing.

--Paul Hoffman, Director
--Internet Mail Consortium

Follow-Ups:
- Re: Definitions of keys and certs
  - From: Michael Richardson <mcr@sandelman.ottawa.on.ca>
- Re: Definitions of keys and certs
  - From: Greg Hudson <ghudson@MIT.EDU>
- Re: Definitions of keys and certs
  - From: Derek Atkins <warlord@MIT.EDU>

Prev by Date: List archive now on web.
Next by Date: Re: From whence we came...
Prev by thread: List archive now on web.
Next by thread: Re: Definitions of keys and certs
Index(es):
- Date
- Thread

Home | Date list | Subject list