[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Private keys and the emperor's clothes -Reply

At 12:41 AM 6/24/96 -0700, Bill Stewart wrote:
>To avoid the paper problem, and reduce the problem of signatures from
>CAs you don't want signing your keys (e.g. the KGB, the KKK, etc.)
>it may be worth using having the key-owner sign the certificate
>that the CA issues signing the key, either as a separate document
>held by the CA or as a fundamental part of a certificate format.
>The document could also include a digitized photograph, scan of
>a hand-written signature, etc. to add artistic verisimilitude,
>though of course these can be faked also...

Speaking of good reasons why the CA should not ever have access to the
secret key...

Bill Frantz       | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506     | regarded as a never-ending | 16345 Englewood Ave.
frantz@netcom.com | worldwide conversation.    | Los Gatos, CA 95032, USA