1996-02-27 - Re: X.509 certs that don’t guarantee identity

Header Data

From: djw@vplus.com (Dan Weinstein)
To: Alex Strasheim <cp@proust.suba.com>
Message Hash: 4372797e0d31eb13599b7ac5677374d47ad672c2e9e2a9a803ea7214726e83ec
Message ID: <31328ba3.29715249@mail.vplus.com>
Reply To: <199602260448.WAA01201@proust.suba.com>
UTC Datetime: 1996-02-27 04:47:58 UTC
Raw Date: Tue, 27 Feb 1996 12:47:58 +0800

Raw message

From: djw@vplus.com (Dan Weinstein)
Date: Tue, 27 Feb 1996 12:47:58 +0800
To: Alex Strasheim <cp@proust.suba.com>
Subject: Re: X.509 certs that don't guarantee identity
In-Reply-To: <199602260448.WAA01201@proust.suba.com>
Message-ID: <31328ba3.29715249@mail.vplus.com>
MIME-Version: 1.0
Content-Type: text/plain


On Sun, 25 Feb 1996 22:48:51 -0600 (CST), you wrote:

>On the 23rd, Jeff Weinstein said this concerning the natural 
>semi-anonymity of the net:
>
>> Given that verisign and others will soon begin issuing large numbers of
>> certificates that do not guarantee the identity of the key holder, it seems
>> that this tradition will continue even with the wide deployment of X509 
>> certs.
>
>This has been bugging me since I read it.  I'm not sure I understand the 
>plan;  it only makes sense to me if "anonymous" X.509 certs are issued 
>for user authentication only, not for server authentication.  Is that 
>what this is about?
>
>(If anonymous certs are issued for servers, why should such a cert be 
>treated any differently than one I generate on my own, which causes 
>warning screens about an unknown CA to pop up?)

Verisign will offer a number of levels of certificates.  The
certificate that Jeff refered to requires only a unique email address
and is available for free.  For obvious reasons you should not trust
theses keys for credit card information or anything else that you feel
is confidential.  This is why Navigator allows you configure what keys
you accept as well as what certifications you will accept.


Dan Weinstein
djw@vplus.com
http://www.vplus.com/~djw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







Thread