
Re: [E-CARM] PKI, CAs, TTPs &c.

i believe so .... we actually have a distinction proposed that any digitally signed document attesting to the validity of a public/private key pairing is a

... the distinction is that a client (in the bank case) sends (effectively) a self-signed certificate to the bank (CA) as part of certification process (demonstrating that the client has the private key that corresponds to the public key in the certification process) ... i.e. in effect all CAs that require proof by the client that the client has the private key ... utilize some form of self-signed certificate (i.e. something signed by a private key attesting to something about the client's public key).

in this particular financial case, the (financial institution) CA may or may not turn around and issue a certificate further certifying something about the public key ... and even if they do issue such a certificate ... it doesn't mean that the client is required to return the certificate to the financial institution/CA ... whenever the client is executing a digitally transaction with the issuing FI/CA.
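
The proof-of-possession step described in the message above, as an added example that is not part of the original post: the client signs a statement about its own public key, and the CA accepts it only if the signature verifies under the key the statement carries. Using a PKCS#10 request as that signed statement is this example's assumption, and the function names and subject names are hypothetical.

```go
package main

import (
	"bytes"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
)

func check(err error) {
	if err != nil {
		panic(err)
	}
}

// clientRequest (hypothetical name): the client makes a key pair and signs a request about its own public key.
func clientRequest(name string) []byte {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	check(err)
	tmpl := &x509.CertificateRequest{Subject: pkix.Name{CommonName: name}}
	der, err := x509.CreateCertificateRequest(rand.Reader, tmpl, key)
	check(err)
	return der
}

// caCheckPossession (hypothetical name): true only if the signature verifies under the key inside the request.
func caCheckPossession(der []byte) bool {
	csr, err := x509.ParseCertificateRequest(der)
	return err == nil && csr.CheckSignature() == nil
}

// swapPublicKey builds the failure case: request a now names b's public key but keeps a's signature.
func swapPublicKey(a, b []byte) []byte {
	ra, err := x509.ParseCertificateRequest(a)
	check(err)
	rb, err := x509.ParseCertificateRequest(b)
	check(err)
	return bytes.Replace(a, ra.RawSubjectPublicKeyInfo, rb.RawSubjectPublicKeyInfo, 1)
}

func main() {
	a, b := clientRequest("constructed-client-a"), clientRequest("constructed-client-b") // constructed subjects
	fmt.Println("genuine request accepted:", caCheckPossession(a))
	fmt.Println("request naming a key the signer does not hold accepted:", caCheckPossession(swapPublicKey(a, b)))
}
```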