[Cryptography] Why aren’t we using SSH for everything?
Randy Bush
randy at psg.com
Sun Jan 4 02:23:35 EST 2015
>>> Do you actually verify key fingerprints, and if so, how?
>> gpg signed attestations, e.g. see up front of my site, https://psg.com
> Used ubiquitously by every single server you ever SSH to? How many is
> that, by the way?
you asked a question. i made the mistake of answering. won't do that
again.
i think we all understand the trust structures of x.509, ssh, pgp, etc.
well, i sure hope so.
the internet is not a hierarchy, police states are. -- a tee shirt i
had made
randy
More information about the cryptography
mailing list