From: collins@newton.apple.com (Scott Collins)
To: “Christian D. Odhner” <cdodhner@indirect.com>
Message Hash: a4a35f8607420f8cc941ce541bba152bb0b2f440cb204f285ea6f3bebc3c3cb4
Message ID: <9309072205.AA05327@newton.apple.com>
Reply To: N/A
UTC Datetime: 1993-09-07 22:47:40 UTC
Raw Date: Tue, 7 Sep 93 15:47:40 PDT
From: collins@newton.apple.com (Scott Collins)
Date: Tue, 7 Sep 93 15:47:40 PDT
To: "Christian D. Odhner" <cdodhner@indirect.com>
Subject: Re: Who generates AOCE keys?
Message-ID: <9309072205.AA05327@newton.apple.com>
MIME-Version: 1.0
Content-Type: text/plain
Christian D. Odhner writes:
>what keeps people from [getting certified] keys with somebody else's name
The The relation between the preferred signature authority for the
installation, and that installation. From the documentation:
>Some companies authorized to issue approval files to their employees may
>require that you sign a printed request form and have it notarized by a
>notary public. (To create a printed request form, choose Print from the File
>menu.) Note: If you are going to use your Signer as an individual or in a
>small business, look for the insert that came with this package for
>instructions on using an outside approval authority.
>Print your request and send it, with a copy of the Request file on disk if
>necessary, to your approval authority. See the insert that came with your
>package for details. Assuming that your request form has been completed
>properly, the approval authority will send back your Signer Approval file.
...which would seem to put the lie to (the general application of) my
ealier statement:
>[the key] can be mailed automagically to RSADSI
Which turns out to be true only for the 'low assurance' RSA Persona
Certificate Authority (currently handing out certificates for free) which
does no verification of the user<-->id link. CAs with more stringent
policies have stronger prerequisites for the issuance of a certificate.
Hope this helps,
Scott Collins | "Few people realize what tremendous power there
| is in one of these things." -- Willy Wonka
......................|................................................
BUSINESS. voice:408.862.0540 fax:974.6094 collins@newton.apple.com
Apple Computer, Inc. 1 Infinite Loop, MS 301-2C Cupertino, CA 95014
.......................................................................
PERSONAL. voice/fax:408.257.1746 1024:669687 catalyst@netcom.com
Return to September 1993
Return to “collins@newton.apple.com (Scott Collins)”