[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: identity protection and DOS
On Tue, 20 Nov 2001, Michael Thomas wrote:
> ...Anybody who puts private
> information into a public document such as a X.509
> cert is foolish and doesn't deserve consideration
> because it starts from a false premise...
Speaking of false premises: X.509 certs are not necessarily public
documents. They have to be revealed to *some* other parties, e.g. the
servers you want to connect to, but that doesn't necessarily mean you are
(or should be) willing to reveal them to everyone.
Analogy: it is necessary to reveal your credit-card number to merchants
you wish to buy from, but you still want it protected against snoopers.
Henry Spencer
henry@spsystems.net
Follow-Ups:
References: