1995-10-06 - Re: Certificate proposal

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 4d742c360850c3b8f3d5418a591ea421d97e0125d9ec3a6e45be9e71a029dcac
Message ID: <199510060039.RAA18405@jobe.shell.portal.com>
Reply To: <9510021553.AA13756@tis.com>
UTC Datetime: 1995-10-06 00:41:02 UTC
Raw Date: Thu, 5 Oct 95 17:41:02 PDT

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 17:41:02 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510060039.RAA18405@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

Jeff Weinstein <jsw@netscape.com> writes:
>  I think the old idea of a certificate just binding a name and
>a key is turning out to not be very useful.  That is why Netscape
>Navigator 2.0 will support x509 version 3 certificates.  They allow
>arbitrary attributes to be signed into a certificate.  In this new
>world, you can think of a certificate as a way of binding a key with
>various arbitrary attributes, one of which may be(but is not
>required to be) a name.

OK, so suppose I want to send my credit card number to Egghead Software.
I get one of these new-fangled certificates from somebody, in which
VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
can agree that by itself this is not useful.  So, it will also bind in
some attribute.  What will that attribute be?