1995-10-06 - Re: Certificate proposal

Header Data

From: Hal <hfinney@shell.portal.com>
To: cypherpunks@toad.com
Message Hash: 9f6dc802c9b47612141821c1b44194bb349b9f5340ccea25e6a75deb90cce7ca
Message ID: <199510060419.VAA20574@jobe.shell.portal.com>
Reply To: <9510021553.AA13756@tis.com>
UTC Datetime: 1995-10-06 04:20:34 UTC
Raw Date: Thu, 5 Oct 95 21:20:34 PDT

Raw message

From: Hal <hfinney@shell.portal.com>
Date: Thu, 5 Oct 95 21:20:34 PDT
To: cypherpunks@toad.com
Subject: Re: Certificate proposal
In-Reply-To: <9510021553.AA13756@tis.com>
Message-ID: <199510060419.VAA20574@jobe.shell.portal.com>
MIME-Version: 1.0
Content-Type: text/plain

tomw@orac.engr.sgi.com (Tom Weinstein) writes:

>In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:

>> OK, so suppose I want to send my credit card number to Egghead Software.
>> I get one of these new-fangled certificates from somebody, in which
>> VeriSign has certified that key 0x12345678 has hash 0x54321.  I think we
>> can agree that by itself this is not useful.  So, it will also bind in
>> some attribute.  What will that attribute be?

>Um, just a wild guess, but... your credit card number maybe?  (Well,
>okay, its hash.)

I may not have been clear: the certificate I was referring to was the one
from Egghead, the one which I will use to make sure that I have a valid
key for Egghead.  Such a certificate would of course not have my credit
card number; it would probably have some information related to Egghead.
My rhetorical point was that information would most plausibly be a NAME
by which I would refer to Egghead.  I am still trying to understand how
these proposals to take names out of the picture will apply to a
commonplace situation like this one.