RE: [ga] Registration process suggestion

["Roeland M.J. Meyer" <rmeyer@mhsc.com>]

> From: William X. Walsh [mailto:william@dso.net]
> Sent: Thursday, February 03, 2000 8:15 PM
> To: Roeland M.J. Meyer
> 
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> 
> On 04-Feb-2000 Roeland M.J. Meyer wrote:
> > There are two problems extant.
> > 1) Aliasing and masquerading, usurping someone else's email identity.
> > 2) Multiple identities for the same individual.
> > 
> > The first one is easily automatable.
> > 
> > a) Voter registration system has PK set
> > b) Voter registration system *is* a voter CA.
> > 
> > 1) Voter generates/obtains x.509 key set (see your local CA)
> > 2) Voter submits registration form along with public key and CRL.
> > 3) System return, via email, voter CA certificate.
> > 
> > All further email, both ways must be signed, after this point, 
> including ALL
> > discussion list submissions. Those not signed or failing 
> certification do
> > not get posted.
> 
> This method is only compatible with a very very small subset of 
> email clients,
> that support the s/mime certs.  PGP/GnuPG using the openpgp 
> standards would
> work with any email client.

I've used PGP, there are many problems. Besides, PGP can also use x.509.