[ppml] mail auth proposals, was Re: the "other"...

Randy Bush randy at psg.com
Mon Apr 9 13:06:27 EDT 2007

> Having once considered how I would go about arranging for secured 
> email via X.509 or PGP, I settled first on X.509 as it was easier to 
> document a policy for that.  The relationship is "clearer" in that 
> one side asserts that there is a binding between some cryptographic 
> data and an identified object.  In PGP, with the idea of transitive 
> trust via trusted introducers the picture became a little fuzzy. 

nope.  do not be confused.  the trust relationship is the same in
both cases.  the contractual relationship with arin binds a public
private key pair.  the pgp web of trust is not used.


More information about the ARIN-PPML mailing list