[unisog] Machine readable version of Notification

Tim O'Connor oconnort at nyu.edu
Tue Nov 13 18:37:57 GMT 2001


On Tue, Nov 13, 2001 at 05:44:32PM +0000, Bruce Ward wrote:

> By the way, we have decided to implement a GPG signature on
> our notifications.  A GPG key will be issued for the role
> 'Client-Notifications' with a separate key created for each
> client.  The signature should begin appearing on outgoing
> messages from '*-notifications at netpd.com' later this week.

If you don't mind someone chiming in on this ... this is kind of 
the opposite of how you typically use a public key.  

The idea is for you to own ONE key (or perhaps a couple) associated 
with your organization (and, ideally, signed by one or more well-known 
people who vouch for its authenticity, though I don't know how that 
would work in your case), and then use the single well-known key (which 
all recipients would, ideally, recognize) to sign all your official mail.

Having unique keys made by you for each recipient is mind-bogglingly 
complicated to manage and would not scale well.

Perhaps you're confusing it with the collection of unique keys from
the people with whom you exchange mail?  In THAT case you would have
lots of keys, each associated with the place to which you are writing.

But you wouldn't issue them; rather, you'd collect keys from people
out there, or from a key server.  Though you don't need each person's
key if all you're doing is sending out signed mail; instead, the
recipient would need to have a copy of your key.

Just my 2 cents....

--tim o'connor

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Tim O'Connor                                        tim.oconnor at nyu.edu
New York University
Information Technology Services                   Phone: (212) 998-3024
Technology Security Manager, Office of the CITO     Fax: (212) 995-4929
10 Astor Pl., New York, NY 10003       www.nyu.edu/its/polplan/oconnort



