From: Jeff Weinstein <jsw@netscape.com>
To: cypherpunks@toad.com
Message Hash: 46b472a00af8c208b7abe0ebc3fad98a4fad3be479cef73a81bee631955961e7
Message ID: <30C644E3.72CE@netscape.com>
Reply To: <9512062040.AA20810@toad.com>
UTC Datetime: 1995-12-07 01:39:18 UTC
Raw Date: Wed, 6 Dec 95 17:39:18 PST
From: Jeff Weinstein <jsw@netscape.com>
Date: Wed, 6 Dec 95 17:39:18 PST
To: cypherpunks@toad.com
Subject: Re: News on Congressional Debate on Exon
In-Reply-To: <9512062040.AA20810@toad.com>
Message-ID: <30C644E3.72CE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain
Peter Trei wrote:
> Actually, I've been thinking about this quite a bit recently. I'm building
> an SSL enabled server, and clent-side authentication may provide
> some help. I could see a user getting his or her public key certificate
> signed with different CA keys which assert any number of conditions,
> such as:
>
> Key holder was born before (some particular date).
> Key holder has access to sales data for XYZ corp.
> Key holder is an adult who takes the first amendment seriously.
>
> ... and the server would recognize different CA signatures as permitting
> different levels of access.
This can be done with x509v3 certificate extensions.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
Return to December 1995
Return to ““Peter Trei” <trei@process.com>”