[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Subject signing redux (was: Re: Mary is Mary)
Carl Ellison <email@example.com> writes:
>The reason for subject signatures is for certs offered by accessed sites, out
>of their security log, to a court of law to show opportunity for mischief to
>have been done.
Unless I'm completely confused, this means the accessed sites can, as a
matter of policy, refuse access to non-subject-signed certificates. If so,
then what is the point of this discussion?
Also, when can we expect reference code for SPKI?