From: hallam@w3.org
To: Adam Shostack <cypherpunks@toad.com
Message Hash: 76ce3eb4e2b0ff97b9dfaa465cb192e63420957f21744bcf508a4ea1d2af552a
Message ID: <9601302350.AA29444@zorch.w3.org>
Reply To: <199601291523.KAA03337@homeport.org>
UTC Datetime: 1996-02-01 01:16:45 UTC
Raw Date: Thu, 1 Feb 1996 09:16:45 +0800
From: hallam@w3.org
Date: Thu, 1 Feb 1996 09:16:45 +0800
To: Adam Shostack <cypherpunks@toad.com
Subject: Re: Netscape, CAs, and Verisign
In-Reply-To: <199601291523.KAA03337@homeport.org>
Message-ID: <9601302350.AA29444@zorch.w3.org>
MIME-Version: 1.0
Content-Type: text/plain
A lot of people seem to misunderstand the Verisign plan, they are not simply
looking to be a CA, they are looking to help other people become CAs. There is
clearly a usefull role for a company to do this. there is also a usefull role
for two, or more.
Question is how can Netscape (or anyone else) _securely_ allow an arbitrary CA's
certificate to be used? Certainly the process cannot be automatic. Binding the
Verisign public key into the browser may be an undesirable solution, but the
problem is to think of a better one.
Phill
Return to February 1996
Return to “sameer <sameer@nic.ai>”