SSH and GPG Keys
Michael R Head
burner at suppressingfire.org
Wed Jun 1 17:04:21 UTC 2005
On Wed, 2005-06-01 at 16:41 +0100, Colin Watson wrote:
> It would be much better to figure out how to sign all of these keys with
> a single master key kept in a secure location and used for nothing else,
> than to attempt to unify them into a single key. Producing such
> signatures would be a matter of elementary cryptography, although there
> may not be formatting standards for expressing them and passing them
> around.
Something like this is done on computing Grids all the time. In order to
pass a user's identity from machine to machine, process to process,
without requiring constant chatter between endpoints and the user's
process, a chain of proxy SSL certificates is created. It's described in
a proposes extension to SSL (IIRC).
A common thing for a Grid user to do "in the morning" is to run
grid-proxy-init, and then fire off some programs using that proxy.
http://www.globus.org/toolkit/docs/4.0/security/key/index.html#delegation
mike
>
> Cheers,
>
> --
> Colin Watson [cjwatson at ubuntu.com]
>
--
Michael R Head <head at acm.org>
http://www.core.binghamton.edu/~burner/new/res.html
--
Michael R Head <burner at suppressingfire.org>
GPG) http://www.suppressingfire.org/~burner/gpg.key.txt
More information about the ubuntu-users
mailing list