[Ach] StartSSL for Business Sysadmins
Tobias Dussa (SCC)
tobias.dussa at kit.edu
Tue Jan 14 09:26:04 CET 2014
Hi,
On Tue, Jan 14, 2014 at 09:21:02AM +0100, Martin Rublik wrote:
> > So in what world are GPG and SSH better concepts? Yes, they do provide the user
> > the theoretical possibility to do key verification in a more sensible way. That
> > doesn't mean that people actually do that. In fact, at this point, I'd say that
> > the vast majority of serious GPG users are somewhat concerned about their
> > privacy, certainly more so than the average, and even THESE people don't always
> > verify stuff properly.
> You are not alone, see Peter Gutmann's Do Users Verify SSH Keys?
> https://www.usenix.org/system/files/login/articles/105484-Gutmann.pdf
THX for the pointer.
Cheers,
Toby.
--
The wise man never plays leapfrog with a unicorn.
----
Karlsruhe Institute of Technology (KIT)
Steinbuch Centre for Computing (SCC)
KIT-CERT
Tobias Dussa
CERT Manager, CA Manager
Zirkel 2
Building 20.21
76131 Karlsruhe, Germany
Phone: +49 721 608-42479
Fax: +49 721 608-9-42479
Email: tobias.dussa at kit.edu
Web: http://www.kit.edu/
KIT – University of the State of Baden-Wuerttemberg and
National Laboratory of the Helmholtz Association
More information about the Ach
mailing list