1995-11-25 - Re: Cypherpunk Certification Authority

Header Data

From: Adam Shostack <adam@lighthouse.homeport.org>
To: froomkin@law.miami.edu (Michael Froomkin)
Message Hash: ee7d7e3e033c9d168d494465b594f78394381eb4763cc9fffa1469153b752641
Message ID: <199511252105.QAA08724@homeport.org>
Reply To: <Pine.SUN.3.91.951125150446.848J-100000@viper.law.miami.edu>
UTC Datetime: 1995-11-25 21:09:38 UTC
Raw Date: Sun, 26 Nov 1995 05:09:38 +0800

Raw message

From: Adam Shostack <adam@lighthouse.homeport.org>
Date: Sun, 26 Nov 1995 05:09:38 +0800
To: froomkin@law.miami.edu (Michael Froomkin)
Subject: Re: Cypherpunk Certification Authority
In-Reply-To: <Pine.SUN.3.91.951125150446.848J-100000@viper.law.miami.edu>
Message-ID: <199511252105.QAA08724@homeport.org>
MIME-Version: 1.0
Content-Type: text



| C) Don't settle for less than X.509 ver 3, because this allows the 
| certificate to carry within it a reference to the location of the CRL 
| list.  Use that feature.

	Does X.509 version 3 fix the problem that Ross Anderson points
out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or
ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z)

	Its an excellent paper, well worth reading, but the basic
problem is that X.509 encrypts before signing.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

Thread

• Return to November 1995

• Return to “Adam Shostack <adam@lighthouse.homeport.org>”
• Return to “Aleph One <aleph1@dfw.net>”
• Return to “Alex Strasheim <cp@proust.suba.com>”
• Return to “Andreas Bogk <andreas@artcom.de>”
• Return to “chen@intuit.com (Mark Chen)”
• Return to “Eric Young <eay@mincom.oz.au>”
• Return to “Jeff Weinstein <jsw@netscape.com>”
• Return to “Jyri Kaljundi <jk@digit.ee>”
• Return to “Laurent Demailly <dl@hplyot.obspm.fr>”
• Return to “Michael Froomkin <froomkin@law.miami.edu>”
• Return to ““Perry E. Metzger” <perry@piermont.com>”

• Return to “sameer <sameer@c2.org>”

• 1995-11-25 (Sun, 26 Nov 1995 04:51:44 +0800) - Cypherpunk Certification Authority - Aleph One <aleph1@dfw.net>
  • 1995-11-25 (Sun, 26 Nov 1995 00:57:25 +0800) - Re: Cypherpunk Certification Authority - “Perry E. Metzger” <perry@piermont.com>
    • 1995-11-25 (Sun, 26 Nov 1995 01:45:59 +0800) - Re: Cypherpunk Certification Authority - sameer <sameer@c2.org>
    • 1995-11-25 (Sun, 26 Nov 1995 03:03:26 +0800) - Re: Cypherpunk Certification Authority - Andreas Bogk <andreas@artcom.de>
      • 1995-11-25 (Sun, 26 Nov 1995 04:29:09 +0800) - Re: Cypherpunk Certification Authority - Michael Froomkin <froomkin@law.miami.edu>
        • 1995-11-25 (Sun, 26 Nov 1995 05:09:38 +0800) - Re: Cypherpunk Certification Authority - Adam Shostack <adam@lighthouse.homeport.org>
          • 1995-11-26 (Sun, 26 Nov 1995 10:26:44 +0800) - Re: Cypherpunk Certification Authority - chen@intuit.com (Mark Chen)
    • 1995-11-25 (Sun, 26 Nov 1995 04:33:08 +0800) - Re: Cypherpunk Certification Authority - Aleph One <aleph1@dfw.net>
      • 1995-11-25 (Sun, 26 Nov 1995 05:48:21 +0800) - Re: Cypherpunk Certification Authority - Alex Strasheim <cp@proust.suba.com>
      • 1995-11-27 (Mon, 27 Nov 1995 19:20:22 +0800) - Re: Cypherpunk Certification Authority - Jeff Weinstein <jsw@netscape.com>
        • 1995-11-27 (Tue, 28 Nov 1995 00:37:11 +0800) - Re: Cypherpunk Certification Authority - Jyri Kaljundi <jk@digit.ee>
          • 1995-11-27 (Tue, 28 Nov 1995 01:39:42 +0800) - Re: Cypherpunk Certification Authority - Eric Young <eay@mincom.oz.au>
        • 1995-11-27 (Tue, 28 Nov 1995 01:08:16 +0800) - Re: Cypherpunk Certification Authority - sameer <sameer@c2.org>
      • 1995-11-27 (Tue, 28 Nov 1995 04:39:16 +0800) - Re: Cypherpunk Certification Authority - Laurent Demailly <dl@hplyot.obspm.fr>