On Wed, 15 May 1996, Matt Smith wrote:
- Having a certifying node which every other node has the public key to and who has everyone else's public key. Requests are made of this server. The trick is making this server secure and forcing the user to devote resources to this endeavour.
This is the usual approach; if you use certificates, the private key for the certification agency doesn't have to be (and shouldn't) be accessible online; thus, even if the machine serving the certificates is compromised, Mallet won't be able to issue false certificates. --- Cause maybe (maybe) | In my mind I'm going to Carolina you're gonna be the one that saves me | - back in Chapel Hill May 16th. And after all | Email address remains unchanged You're my firewall - | ........First in Usenet.........