1995-11-28 - (fwd) Netscape V2 and Certificates

Header Data

From: rah@shipwright.com (Robert Hettinga)
To: cypherpunks@toad.com
Message Hash: 591c0045921af4af148b5c6351c11ba21687f24bb4a127ff5d74012bfd087fb5
Message ID: <v02120d06ace0b53ee92e@[199.0.65.105]>
Reply To: N/A
UTC Datetime: 1995-11-28 12:55:16 UTC
Raw Date: Tue, 28 Nov 1995 20:55:16 +0800

Raw message

From: rah@shipwright.com (Robert Hettinga)
Date: Tue, 28 Nov 1995 20:55:16 +0800
To: cypherpunks@toad.com
Subject: (fwd) Netscape V2 and Certificates
Message-ID: <v02120d06ace0b53ee92e@[199.0.65.105]>
MIME-Version: 1.0
Content-Type: text/plain



--- begin forwarded text

From: John Hemming CEO MarketNet <JohnHemming@mkn.co.uk>
Date: Thu, 23 Nov 1995 18:54:36 PM PST
To: www-buyinfo@allegra.att.com
Mime-Version: 1.0
Subject: Netscape V2 and Certificates

We have now spent an interesting time looking at Netscape V2.

If you are interested in looking at V2 and how it relates to certificates
not signed by Verisign please take version 0.15b of Workhorse at
ftp://193.119.26.70/mktnet/pub/horse.zip  (Windows 3.1) switch on
the WWW server and try it out.

Basically the client allows an SSL link to a server "signed" by a CA
that it does not know ("EuroSign") the only problem being that if it
does not know the CA then it cannot check the signature.

I do think this is a major improvement, however, in that it raises
properly the issue of authentication of servers and makes it clear
that the client user should properly consider the server.

At the end of the day the commercial strengths of the server merchant and its
authorisation is more important than who has signed its certificate.  I can
happily obtain certificates for MarketNet even though there is a
US MarketNet Corp.  This is because I have a UK organisation called
MarketNet.  The name, therefore, is not in itself significant.

It is also interesting that Netscape will be checking the domain name in
the near future.  Realistically many people have a large number of
different domain names all pointing at the same server so a generic domain name
is likely to be the most common registration anyway.

At Eurosign.com we will be offering free Certification of a Keypair.  We
wish to ensure that further certification actually means something
commercially viable (eg a Bank regulated by the relevant organisation).
However, as our first offering we will be simply certifying that we have
received valid certificate requests. (they will be short term certs, however)

We have not fully allocated our domain name as yet (as far as I have
been told) although the experimental server (not advised for live use as
there are a number of flaws) was released today.  Eurosign's alpha
test site is at http://193.118.187.106/

--- end forwarded text


-----------------
Robert Hettinga (rah@shipwright.com)
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zldf@clark.net  http://www.netresponse.com/zldf <<<<<







Thread