nikodemus at random-state.net
Wed Nov 5 19:51:53 UTC 2003
On Wed, Nov 05, 2003 at 01:34:44PM -0500, Erik Enge wrote:
> <dan`b> kire: the interesting question to the end-user is "did this
> package come from someone with a cl.net account"
Right on the mark.
> <dan`b> so, for the cl.net application procedure, you ask people to
> send you signed mail to apply
> <dan`b> and you send the inital username/password etc details
> encrypted to that same key
> <dan`b> then you know that the cl.net user is the owner of the gpg
> key, and you can sign the key in question
Minimal complication to procedure, fair inscrease in security. Good
> What do you guys think? Personally, I'm all for it.
So am I.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Size: 189 bytes
Desc: not available
More information about the clo-devel