"S. Alexander Jacobson"
Look, cryptographically GPG and SSL are very similar. With either one, if you trust long chains of signings, you are at risk that any intervening key has been compromised. So, in practice, you rely on a set of root certs/signers you trust to
One difference is that GPG is a web, and SSL is a tree. If the SSL root certificate is compromised, you have to throw out the entire certificate tree, for any lower level certificate, you only have to throw out that branch. Users will then need to manually remove the root or branch certificate from their browser or other client. With GPG there's no single point of failure, and there's also a simple command "gpg --refresh-keys" to download new signatures, keys or revocations. With gpg --gen-revoke you can generate a revocation certificate to store separately. In the case where your laptop or desktop containing the secret key is compromised, you can upload your revocation certificate to the keyservers. Then the next time users use --refresh-keys, the revocation is added to their keyring.
* put some effort into verifying the mapping from a key to an identity,
Key signing parties are common in the open source culture.
* maintain their private keys sufficiently securely that you can trust it for long periods of time, and
I use a sentence sized string for my gpg key password. gpg asks for the password for each use, but has an option to cache the password for some minutes after use when you want to sign many packages or keys. Password protected SSL certificates either need the admin to type in the password for each apache-ssl startup, or they need the plaintext password fed to them from the startup script. I don't like either of those options.
* notify you when keys they have signed have been compromised.
--refresh-keys does this.
The real differentiator between SSL and GPG is that the former is transport level while the later is file level. With SSL, I think you suffer additional complexity each time you set up a web server. With GPG, you suffer additional complexity each time you create a new file to share. I think most people create many more files to share than they set up web servers to serve them so I prefer the SSL model.
SSL would limit users to internet-only security. Embedded systems, new installations, laptops, ISP hardware failure and many other reasons can lead to cases where disconnected but secured package installation would be desirable. In this case, gpg is used to sign zip or tar.gz archives of new versions. I do wish new versions of Haskell software were released often enough to make this a usability problem. :-) -- It seems I've been living two lives. One life is a self-employed web developer In the other life, I'm shapr, functional programmer. | www.ScannedInAvian.com One of these lives has futures (and subcontinuations!)| --Shae Matijs Erisson