[Cryptography] The next generation secure email solution
Ralf Senderek
crypto at senderek.ie
Tue Dec 17 09:03:37 EST 2013
Guido Witmond wrote:
> You can use an untrusted CA to bootstrap. I show how it can be done at:
>
> http://eccentric-authentication.org/Brucon-Eccentric.pdf
This is an interesting idea, because it provides certificates on demand
for ordinary users, if they decide to sign up to a certain site. The
certs are then being used for other purposes, so the site does act as a
bootstap for using crypto. The one thing that this proposal relies on is
the availability of a common piece of software (user agent) that stores
the private key for the user. It's this part of the picture where things
get tricky.
--ralf
More information about the cryptography
mailing list