From: “Amanda Walker” <amanda@intercon.com>
To: “Kipp E.B. Hickman” <kipp@warp.mcom.com>
Message Hash: d043e6b20d8f99b878f628c2475ed778eda26ee902d68cc69c18e69d62e6c375
Message ID: <9412131653.AA45063@amanda.dial.intercon.com>
Reply To: N/A
UTC Datetime: 1994-12-13 21:56:43 UTC
Raw Date: Tue, 13 Dec 94 13:56:43 PST
From: "Amanda Walker" <amanda@intercon.com>
Date: Tue, 13 Dec 94 13:56:43 PST
To: "Kipp E.B. Hickman" <kipp@warp.mcom.com>
Subject: Re: Clarification of my remarks about Netscape
Message-ID: <9412131653.AA45063@amanda.dial.intercon.com>
MIME-Version: 1.0
Content-Type: text/plain
> I didn't bother imbedding the RSA Unaffiliated User CA because I
> didn't think server operators would use it to get certificates.
Well, it's what Apple is using for PowerTalk signers (which are a key pair and
X.509 certificates, by default from the Unaffiliated User PCA). It makes
sense for personal (as opposed to organizational) servers, such as someone
running MacHTTP for their home page...
On the other hand, if RSA has set up a server PCA, that should be suffcient
for now. I wonder what the certification policy is, though--how do you prove
that you control a given server? For an Unaffiliated User CA certificate, you
just have to show a notarized application and two forms of ID, one with a
photo (driver's license, passport, etc.). I can't off hand think of an
equivalently strong way to ID control of a server...
Amanda Walker
InterCon Systems Corporation
Return to December 1994
Return to “Hal <hfinney@shell.portal.com>”