Cryptography Reference
In-Depth Information
Meanwhile there is a large number of
key servers
, i.e., computers that mutually
certify themselves. They are used to deposit people's public keys in a more or
less tamperproof way (for example,
www.de.pgp.net/pgp
,
www.keyserver.
net
). The only drawback of this large number of servers is a potential for
denial-of-service attacks. But you can deposit your key, against a fee, on a
'public' server less exposed to these risks.
That much about the theory. You will read in Section 7.2.3 what things with
the Web of Trust look like in the real world.
Portability
One of the important and nice traits of PGP is its portability between vari-
ous operating systems. It runs on all UNIX variants as well as DOS, OS/2,
Windows, and on Macintosh, Amiga, Archimedes, and Atari computers, and
even on VMS. Encrypted messages can be exchanged among all these systems.
Ascom Systec AG, the owner of the IDEA license, even offered a commercial
mail system (Ascom Mail), which understands and creates the PGP format. I
find this approach remarkable: rather than bulkhead themselves from the free
software domain with commercial products, they coexist. This will certainly
not reduce the sale of Ascom Mail, because commercial systems also have
benefits.
In any event, this covers the domain of privately used computers. This portabil-
ity is important, because email generally connects all kinds of different systems,
which is often forgotten. Only when PGP can be used by most users all over
the world will it stand a chance to become a standard. The price to be paid for
this is that PGP cannot be operated with the favorite mouse — it is command-
line controlled. Though this is simpler and faster in many cases, it's mega-out.
Users who don't want to work without graphics will find a sufficiently large
number of graphical user interfaces and mailers that can be installed on top of
PGP. More about this topic in Section 7.2.3.
Let's not dwell on the operation and functionality of PGP. You can read all
about it in the literature or the product documentation as well as on the Web site.
7.1.3 How PGP Works
We will be looking at cryptologically interesting details of the PGP implemen-
tation in the following, and dealing with this product much more than with
