[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: legal question about certs
-----BEGIN PGP SIGNED MESSAGE-----
At 05:39 PM 6/25/97 -0600, Bob Jueneman wrote:
>\Unfortunately, the argument is circular. If you are concerned about a
>rogue CA issuing a certificate to someone who never heard of that CA, that
>CA could invent whatever public/private key pair they wished, and embed that
>key in the certificate they are issuing!
Aha! Another reason not to have identity certs. With pure SPKI certs,
there is no identity other than the key, so a CA can't invent a key pair and
attach it to anyone. With SDSI, there is no identity of meaning to anyone
other than the CA, so the same applies.
-----BEGIN PGP SIGNATURE-----
Version: 5.0
Charset: noconv
iQCVAwUBM7HVQlQXJENzYr45AQF8KgQAl1BzkAMU7PXcwf+adHaVJZVnBXz4qnwW
Cqz9W0sypQMKFrde8BkZDn2bBMvUoUJAfxaksUwtMMCJOknl3HxxWPpcjlWT9iAy
Z33BWR+CXfoHNnRPYzH4vK84c2HUrToc5k7vTLJ69YGgMJhCZVmfMH73OxNt8ZER
VRjiZW065n0=
=SNgU
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
Follow-Ups:
References: