[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: legal question about certs

To: "Brian M. Thomas" <bt0008@entropy.sbc.com>
Subject: Re: legal question about certs
From: "E. Gerck" <egerck@laser.cps.softex.br>
Date: Thu, 26 Jun 1997 20:26:22 -0300 (EST)
Cc: BJUENEMAN@novell.com, cme@cybercash.com, banisar@epic.org, spki@c2.net
In-Reply-To: <199706262049.PAA13047@entropy.sbc.com>

On Thu, 26 Jun 1997, Brian M. Thomas wrote:

-> Ed Gerck's example does not illustrate his point but the opposite.  If
-> I did not sign the certificate granting me access to the damaged site,
-> there is no reason whatever to suppose that I had anything to do with
-> the intrusion.  

That's exactly my point. You are not liable if you don't sign.

That's why I proposed an asymmetric situation:

you MUST sign but the verifier MAY check your signature. 

There is no implied overhead on the verifier's side and everyone is as
protected as they wish.

Hope it's  clear,

Cheers,

Ed Gerck
______________________________________________________________________
Dr.rer.nat. E. Gerck                        egerck@laser.cps.softex.br
http://novaware.cps.softex.br
P.O.Box 1201, CEP13001-970, Campinas-SP, Brazil  - Fax: +55-19-2429533

Follow-Ups:

Re: legal question about certs

From: Nick Szabo <szabo@best.com>

References:

Re: legal question about certs

From: "Brian M. Thomas" <bt0008@entropy.sbc.com>

Prev by Date: Re: SPKI signing keys only
Next by Date: Re: Subject signing redux (was: Re: Mary is Mary)
Prev by thread: Re: legal question about certs
Next by thread: Re: legal question about certs
Index(es):
- Main
- Thread