help-gnutls
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Help-gnutls] Re: TLS/OpenPGP draft expiring soon


From: Simon Josefsson
Subject: [Help-gnutls] Re: TLS/OpenPGP draft expiring soon
Date: Tue, 16 Jan 2007 19:14:41 +0100
User-agent: Gnus/5.110006 (No Gnus v0.6) Emacs/22.0.92 (gnu/linux)

Daniel Kahn Gillmor <address@hidden> writes:

> At 2007-01-16 14:54, address@hidden said:
>
>> I just noticed that the proposal to extend TLS to support OpenPGP
>> certificates written by Nikos Mavrogiannopoulos expires on February 1st:
>> 
>>   http://www.ietf.org/internet-drafts/draft-ietf-tls-openpgp-keys-11.txt
>> 
>> Are there any news regarding this?
>
> I would also like to know about this.  I think this draft is
> important, and would love to see it get wider attention.  I've written
> an article about TLS certificate authentication that ended up pretty
> strongly in favor of the OpenPGP certificate model:
>
>  http://www.debian-administration.org/users/dkg/weblog/12

Cool!

Btw, the TLS servername extension (see RFC 3546) is intended to solve
the first problem you noticed, that servers cannot offer multiple
X.509 certificates.

> For those of us who are interested in promoting this model, what are
> possible courses of action to help out?

Work on mod_gnutls for Apache.  It should not have to be a big
project, but it is a good way to get this feature into Apache.

Also, testing and improving the OpenPGP parts of GnuTLS would be
useful.  In particular, OpenCDK isn't really in the shape that I'd
like to see it in.  Funding someone to work on that (I'm available :))
would be one way.

Thanks,
Simon




reply via email to

[Prev in Thread] Current Thread [Next in Thread]