[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: SOI: identity protection and DOS



On Tue, 20 Nov 2001, Michael Thomas wrote:
> ...Anybody who puts private
> information into a public document such as a X.509
> cert is foolish and doesn't deserve consideration
> because it starts from a false premise...

Speaking of false premises:  X.509 certs are not necessarily public
documents.  They have to be revealed to *some* other parties, e.g. the
servers you want to connect to, but that doesn't necessarily mean you are
(or should be) willing to reveal them to everyone. 

Analogy:  it is necessary to reveal your credit-card number to merchants
you wish to buy from, but you still want it protected against snoopers.

                                                          Henry Spencer
                                                       henry@spsystems.net



Follow-Ups: References: