|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: NetSol's PGP auth ... and the road not taken
On Mon, Oct 22, 2001 at 03:38:35PM -0700, J.D. Falk wrote: > > On 10/22/01, Joe Rhett <[email protected]> wrote: > > > > i've been trying to add a pgp key to the verisign/netsol database for the > > > past two weeks. i've sent four messages, opened three web help requests, > > > and spent three hours on the phone with their helpdesk. they know less > > > than their customers about their own procedures and web documentation for > > > adding keys for PGP guardian auth. > > > > Don't waste your time. We had PGP auth working for the last 6 years. It > > will slow down any change you want to make by 3-5 days. Around 30% will get > > rejected for no reason whatsoever, and much more fun stuff. > > I've had PGP AUTH broken for the last 6 years, and had the same > kind of experience. I just finished an ENTIRE MONTH of calling > a couple of times a week to get a simple host record fixed. In > one call, somebody changed me from PGP AUTH to MAIL-FROM without > effectively confirming that I was really me. I wrote this in March of 1999: I have gone to silly lengths to ensure that I am giving them a valid signature. Once I signed the template, and then verified the signature. I then copied it to another machine with a different PGP version and re-verified the signature. Then I mailed it to myself off-site and verified the signature on the remote system to ensure the mail system wasn't breaking something. Finally, I mailed it to [email protected] and cc'd myself on and off-site. Both copies I got back verified fine. The Internic took a few days and then bounced it because they couldn't verify the signature. It never improved, and I eventually gave up. I'm using OpenSRS now. David -- David Shaw | [email protected] | WWW http://www.jabberwocky.com/ +---------------------------------------------------------------------------+ "There are two major products that come out of Berkeley: LSD and UNIX. We don't believe this to be a coincidence." - Jeremy S. Anderson
|