PGP mods for RIPE-181 code

  > Laurent Joncheray <lpj at merit.edu> writes:
  > 	I use the mechanism provided with PGP to store the public keys,
  > so the development and managment of public key software is  already done.
  > The storage of public key in the maintainer object is a implementation
  > choice which has pro and cons and i prefer not been involved in such
  > an argument. Right now the key are not in the the maintainer object, the
  > software just authomaticly verifies the authenticity of the update
  > messages.

Laurent,

there are some practical problems with the implementation choices. 
You propose: 

  > How to register a public key
  > 
  >         C.f. [PGP]. Sum up: generate the public key from you key ring
  > by using 'pgp -kxa <your-pgp-user-id> <file-where-to-store-the-key>'.
  > Send <file-where-to-store-the-key> to the RR manager. 
  > The RR call the user to check the public key (with the key's fingerprint)
  > and certify it.

This introduces additional manual processing overhead that the RIPE NCC 
does not want now and that I am sure noone will want in the long run. 
Could you elaborate on the cons of putting the public keys in the
maintainer object itself?

Daniel



-------- Logged at  Mon Mar 20 16:36:04 MET 1995  ---------