1995-11-30 - Re: The future will be easy to use
Header Data
From: Carl Ellison <cme@TIS.COM>
To: rsalz@osf.org
Message Hash: 75fbbcc7fc554001955432a67b1cda3815b50b574d9b84b848d84a9f98ef254c
Message ID: <9511301511.AA27694@tis.com>
Reply To: <199511292049.MAA01411@comsec.com>
UTC Datetime: 1995-11-30 15:55:30 UTC
Raw Date: Thu, 30 Nov 1995 23:55:30 +0800
Raw message
From: Carl Ellison <cme@TIS.COM>
Date: Thu, 30 Nov 1995 23:55:30 +0800
To: rsalz@osf.org
Subject: Re: The future will be easy to use
In-Reply-To: <199511292049.MAA01411@comsec.com>
Message-ID: <9511301511.AA27694@tis.com>
MIME-Version: 1.0
Content-Type: text/plain
-----BEGIN PGP SIGNED MESSAGE-----
>From: Rich Salz <rsalz@osf.org>
>Date: Wed, 29 Nov 1995 08:54:33 -0500
>Bingo! This is one of the hard parts of certificate authorities; just
>what are you attesting to? The American Bar Association has a big document
>for public review that addresses what this might mean; there are a couple
>of RFC's that specify CA policies (one from COST in Sweden, I think), and
>RSA and/or Verisign will give you their policy in hardcopy.
>
>In x.509v3 certificates, there is an extensible field where the key-signer
>can put arbitrary data. The intent is apparently that you put the ISO
>object-ID (you know, those funny 1.3.2.11.... numbers) of the policy
>document.
Ah, yes. Here's another example of the problem with ASN.1. That field
could equivalently be just a URL for the policy document (or, if short
enough, the policy itself). However, ASN.1 seduced folks into indirecting
this through some object ID -- bringing all these documents into the one
master hierarchy of things in the world.
Some people just like hierarchies, I guess. :)
>There is, of course, no way to interpret the semantics of this electronically.
Of course not. In the end, a human needs to make the decision based on
ASCII text.
>It will be interesting to see how various companies address this issue,
>for example as they start to support arbitrary CA's in browsers or servers
>while doing commerce over the web.
Yup.
- Carl
+--------------------------------------------------------------------------+
|Carl M. Ellison cme@tis.com http://www.clark.net/pub/cme |
|Trusted Information Systems, Inc. http://www.tis.com/ |
|3060 Washington Road PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD 21738 Tel:(301)854-6889 FAX:(301)854-5363 |
+--------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBML3JY1QXJENzYr45AQHWIwP/VzoZuonIoMbIYHaA+noZpwnmNnxXc+jx
elJNQkHglyE7U1pBfC90s8IewujeG5T97v5g5e9bAXi/gysIPoguAXYSdIufvjz+
+WpCDrxn4UlfRzfOrTOgpZ1KQwPUllywOo1Yehd2h35ctJ8P7sa27mS/AEyET85E
rUvKlVpN/04=
=EhTO
-----END PGP SIGNATURE-----
Thread
Return to November 1995
Return to “Carl Ellison <cme@TIS.COM>”
Unknown thread root
- 1995-11-30 (Thu, 30 Nov 1995 23:55:30 +0800) - Re: The future will be easy to use - Carl Ellison <cme@TIS.COM>