[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: legal question about certs

To: Bob Jueneman <BJUENEMAN@novell.com>
Subject: Re: legal question about certs
From: Carl Ellison <cme@cybercash.com>
Date: Wed, 25 Jun 1997 22:34:43 -0400
Cc: banisar@epic.org, spki@c2.net
In-Reply-To: <s3b157e0.084@novell.com>
Sender: owner-spki@c2.net

-----BEGIN PGP SIGNED MESSAGE-----

At 05:39 PM 6/25/97 -0600, Bob Jueneman wrote:
>\Unfortunately, the argument is circular.  If you are concerned about a
>rogue CA issuing a certificate to someone who never heard of that CA, that
>CA could invent whatever public/private key pair they wished, and embed that
>key in the certificate they are issuing!

Aha!  Another reason not to have identity certs.  With pure SPKI certs, 
there is no identity other than the key, so a CA can't invent a key pair and 
attach it to anyone.  With SDSI, there is no identity of meaning to anyone 
other than the CA, so the same applies.

-----BEGIN PGP SIGNATURE-----
Version: 5.0
Charset: noconv

iQCVAwUBM7HVQlQXJENzYr45AQF8KgQAl1BzkAMU7PXcwf+adHaVJZVnBXz4qnwW
Cqz9W0sypQMKFrde8BkZDn2bBMvUoUJAfxaksUwtMMCJOknl3HxxWPpcjlWT9iAy
Z33BWR+CXfoHNnRPYzH4vK84c2HUrToc5k7vTLJ69YGgMJhCZVmfMH73OxNt8ZER
VRjiZW065n0=
=SNgU
-----END PGP SIGNATURE-----


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+

Follow-Ups:

non-id certs +++

From: Carl Ellison <cme@cybercash.com>

References:

Re: legal question about certs

From: Bob Jueneman <BJUENEMAN@novell.com>

Prev by Date: Re: legal question about certs
Next by Date: non-id certs +++
Prev by thread: Re: legal question about certs
Next by thread: non-id certs +++
Index(es):
- Main
- Thread