[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [ga] Registration process suggestion
> From: William X. Walsh [mailto:firstname.lastname@example.org]
> Sent: Thursday, February 03, 2000 8:15 PM
> To: Roeland M.J. Meyer
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 04-Feb-2000 Roeland M.J. Meyer wrote:
> > There are two problems extant.
> > 1) Aliasing and masquerading, usurping someone else's email identity.
> > 2) Multiple identities for the same individual.
> > The first one is easily automatable.
> > a) Voter registration system has PK set
> > b) Voter registration system *is* a voter CA.
> > 1) Voter generates/obtains x.509 key set (see your local CA)
> > 2) Voter submits registration form along with public key and CRL.
> > 3) System return, via email, voter CA certificate.
> > All further email, both ways must be signed, after this point,
> including ALL
> > discussion list submissions. Those not signed or failing
> certification do
> > not get posted.
> This method is only compatible with a very very small subset of
> email clients,
> that support the s/mime certs. PGP/GnuPG using the openpgp
> standards would
> work with any email client.
I've used PGP, there are many problems. Besides, PGP can also use x.509.