From: greg@ideath.goldenbear.com (Greg Broiles)
Date: Thu, 2 Sep 93 16:34:46 PDT
To: cypherpunks@toad.com
Subject: Who generates AOCE keys?
Message-ID: <5qP09B1w164w@ideath.goldenbear.com>
MIME-Version: 1.0
Content-Type: text/plain


Scott Collins (collins@newton.apple.com) writes:
(re AOCE, and who generates users' key pairs)

>What I gathered from actually using this software is that you personally
>generate a key pair, on your own machine, and then transparently send your
>public key to RSADSI.  Some time later, you receive a certificate (with an
>expiration date) that allows your 'signer' to function.  RSADSI does not
>make, or even see, your private key.

and Mitch Ratcliffe (godsdog@netcom.com) writes, in E-mail:
(posted with permission)

>While Apple will not cop to this, it is my understanding that users will
>get certified keys from RSA. I have Very Good Sources on this. They can
>generate a key for use on their network, but as part of the vision of the
>paperless, collaborative economy, Apple believes you'll want publically-
>certified keys.

Well, Apple has failed to guess what I'll want. :) Perhaps the similarity
of these two ideas (RSA generates keys & certificates, versus RSA gets
public key & generates certificate) has generated confusion internally
at Apple; I dunno.



--
Greg Broiles                            greg@goldenbear.com
Golden Bear Computer Consulting         +1 503 342 7982
Box 12005 Eugene OR 97440               BBS: +1 503 687 7764