[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Subject signing redux (was: Re: Mary is Mary)

>From: dpkemp@missi.ncsc.mil (David P. Kemp)
>To: spki@c2.net
>Subject: Re: Subject signing redux (was: Re: Mary is Mary)
>When the subpoena request comes in to Jon, asking him to produce the
>body to whom he issued the cert, he can still lie and claim that Mary
>has a key that she never had.  Requiring keyholders to sign certs does
>not protect keyholders from being framed by dishonest issuers.

Yes, you're correct.  If you have a subpoena cert, then the process
serving company had better be honest.  So -- there's still a reason
for bonding, insurance -- maybe even government intervention (although
I'm not sure I'd trust the gov't over an established company in 
the private sector.

 - Carl