From: Wei Dai <weidai@eskimo.com>
Date: Fri, 6 Oct 95 00:56:14 PDT
To: Jeff Weinstein <jsw@netscape.com>
Subject: Re: Certificates, Attributes, Web of Trust
In-Reply-To: <3074DAAB.3D62@netscape.com>
Message-ID: <Pine.SUN.3.91.951006005515.20417B-100000@eskimo.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 6 Oct 1995, Jeff Weinstein wrote:
 
>   If you take a look at verisign's home page, they will be offering
> "low assurance" certificates for free for non-commercial uses.  The
> only thing they will guarantee about these certs is that the subject
> name in the certificate is unique across all certificates signed
> by their class I CA.  You should be able to get one of these
> certs in real time via an HTML form.
 
What is the point of this?  What is to prevent someone from
getting certificates for a million of the most common and/or famous names
as quickly as possible?
 
Wei Dai