[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: RE: non-key-sharing
-----BEGIN PGP SIGNED MESSAGE-----
At 11:49 AM 11/11/97 -0700, Bob Jueneman wrote:
>I hope that Peter will forgive my posting his private message to me to the
>board, for he makes some points that are worth discussing, including the
>nature of a Registration Authority vs. Certification Authority, and the
>difference between "corporate" and "public" CAs.
Bob and Peter.
Thanks for reposting this message.
I think it emphasizes that a given certificate issuing function might be
distributed for security or operational reasons. The crypto box that makes
a signature might be held someplace where there are guards so that the
private key won't be stolen, but you might want to activate it from a local
workstation in an Internet Cafe someplace. Meanwhile, the online test party
has different business rules from the issuer (needing to respond to a phone
call 24 hours a day, for example) so it might be a completely different
party.
[Of course, having a private key held in a box guarded by security people
also opens the possibility of improper access -- e.g., by Louis Freeh.]
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNG/fPhN3Wx8QwqUtAQEC+wQAiJDZR1htwdFgwsCgb/kDr65sJ3mEd+ZI
mki9PoDTEHowuvJMDPIjA+r0vJTBzW3Vods0gsxA1QZZA08wma2Di0wDYBil2yCn
+NlZYIHsQ+PvxT00yVO+xr8wyYOVRiANg71YRlC0o4031SAkFk3PxQn0uyOAFxE3
CCFTL2h3PKw=
=m+7E
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: