1996-03-09 - Re: Not a good idea…
Header Data
From: djw@vplus.com (Dan Weinstein)
To: cypherpunks@toad.com
Message Hash: 50e36d327f8a14a10e43cea7a7ae2bb5f6b0cc3b50c6860496d47d7cdeb0fe80
Message ID: <3140ad62.11966620@mail.vplus.com>
Reply To: <199603081914.NAA02963@proust.suba.com>
UTC Datetime: 1996-03-09 02:14:29 UTC
Raw Date: Sat, 9 Mar 1996 10:14:29 +0800
Raw message
From: djw@vplus.com (Dan Weinstein)
Date: Sat, 9 Mar 1996 10:14:29 +0800
To: cypherpunks@toad.com
Subject: Re: Not a good idea...
In-Reply-To: <199603081914.NAA02963@proust.suba.com>
Message-ID: <3140ad62.11966620@mail.vplus.com>
MIME-Version: 1.0
Content-Type: text/plain
On Fri, 8 Mar 1996 13:14:25 -0600 (CST), Alex Strasheim
<cp@proust.suba.com> wrote:
>Who's liable? Me, Verisign, or Netscape? All of us?
>
>I suspect that if I pass credit card numbers to thieves I'll get in
>trouble, but I don't have any assets.
>
>Verisign didn't make any representations directly to the public, and they
>probably followed the procedure they negotiated with Netscape when they
>issued me my cert.
"For secure servers, VeriSign currently offers a 'high-assurance'
Class 3 Digital ID for electronic commerce servers. " This is from
Verisign's home page. They are saying that this class of certificate
is safe to do commerce with.
>Netscape put together a complicated high-tech system and told the public
>(which doesn't understand cryptography) that their system was suitible for
>commerce -- it's even in the product's name! They didn't build in prudent
>safeguards to prevent me from running my forms processing service, which
>is such a trivial thing to set up that it should have been forseen. (Q:
>I've never gotten a real cert -- do I have to agree to something that
>would prohibit my forms processing business?)
I would think that netscape would only make agreements with CAs that
accepted liability. I would also think that Netscape would only be
liable if they were found to have put in a CA that they had reason to
believe was not taking due diligence to ensure that the key really
belonged to the company that claimed to own it.
Dan Weinstein
djw@vplus.com
http://www.vplus.com/~djw
PGP public key is available from my Home Page.
All opinions expressed above are mine.
"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.
Friedrich Nietzsche
Thread
Return to March 1996
- Return to “Alex Strasheim <cp@proust.suba.com>”
- Return to “djw@vplus.com (Dan Weinstein)”
- Return to “Michael Froomkin <froomkin@law.miami.edu>”
Return to “tcmay@got.net (Timothy C. May)”
- 1996-03-08 (Fri, 8 Mar 1996 13:23:45 +0800) - Not a good idea… - tcmay@got.net (Timothy C. May)
- 1996-03-10 (Mon, 11 Mar 1996 00:18:27 +0800) - Re: Not a good idea… - Alex Strasheim <cp@proust.suba.com>
- 1996-03-08 (Sat, 9 Mar 1996 00:56:01 +0800) - Re: Not a good idea… - Michael Froomkin <froomkin@law.miami.edu>
- 1996-03-08 (Sat, 9 Mar 1996 07:46:29 +0800) - Re: Not a good idea… - Alex Strasheim <cp@proust.suba.com>
- 1996-03-09 (Sat, 9 Mar 1996 10:14:29 +0800) - Re: Not a good idea… - djw@vplus.com (Dan Weinstein)
- 1996-03-08 (Sat, 9 Mar 1996 07:46:29 +0800) - Re: Not a good idea… - Alex Strasheim <cp@proust.suba.com>
- 1996-03-08 (Sat, 9 Mar 1996 00:56:01 +0800) - Re: Not a good idea… - Michael Froomkin <froomkin@law.miami.edu>
- 1996-03-10 (Mon, 11 Mar 1996 00:18:27 +0800) - Re: Not a good idea… - Alex Strasheim <cp@proust.suba.com>