Weaving a PGP Web of trust..proposal? comments? (fwd)

[Denis.Russell@ncl.ac.uk]

At 10:16 pm +0100 17/8/98, George Foot wrote:
...
>It is PGP (and Public Key Systems generally) which create the problems
>of Key Distribution and hence bring about the proposal for CAs as a remedy
>-- a remedy which falls far short of a cure.
>...

There are always problems of key distribution, but public key systems in
general make life simpler than private key systems. Of course there are
still some remaining problems even with public key systems. The two common
solutions for these problems are certification authorities and personal
webs of trust (the "roll your own parachute" approach of Zimmerman).
Neither is a "complete solution", but the disagreement seems to be really
over what the problem actually is. I guess that when I think about having
keys that I can trust to communicate with colleagues around the world whom
I know personally, I am thinking of an almost, but not quite, completely
different problem from those considered by government officials sat in the
DTI or in Cheltenham.

	Denis.