List Archival
Stefan Claas
spam.trap.mailing.lists at gmail.com
Sun Oct 24 13:39:18 PDT 2021
On Sun, Oct 24, 2021 at 10:12 PM Karl <gmkarl at gmail.com> wrote:
> I didn't know there was such a thing as a PGP CA, kinda cool, does
> sound a little single-point-of-failure to me, but you must have laws
> to e.g. force them to improve their practices if they aren't
> sufficient, I suppose.
Well, the CA is run on behalf of our BSI (a Government Institution)
for computer security etc. If the service goes down, you can
expect that it will be up again the next day, in case of failure or DDOS.
The only reason to no longer run the CA could maybe be that one
day OpenPGP plays no longer a role, cost-wise to run such a service,
for free and its (few) citizens using OpenPGP.
For digital signatures only we have also now EU wide eIDAS,
which allows people to use .pdf documents and let them digitally
sign via authorized (by Government) services. You then can for
example (as a US citizen etc.) verify my .pdf document, say
contract, application form, or whatever, and you would know that
it is me and also the signature is legally binding.
Regards
Stefan
More information about the cypherpunks
mailing list