From: Jeff Weinstein <jsw@netscape.com>
To: “Michael A. Atzet” <atzet@vnet.ibm.com>
Message Hash: 8f74d4617588517c345e45eb9a1e8db5c3691521fe09941e1e5aa96ecbd0d2f0
Message ID: <31365328.7DEE@netscape.com>
Reply To: <199602260448.WAA01201@proust.suba.com>
UTC Datetime: 1996-03-01 03:45:05 UTC
Raw Date: Fri, 1 Mar 1996 11:45:05 +0800
From: Jeff Weinstein <jsw@netscape.com>
Date: Fri, 1 Mar 1996 11:45:05 +0800
To: "Michael A. Atzet" <atzet@vnet.ibm.com>
Subject: Re: X.509 certs that don't guarantee identity
In-Reply-To: <199602260448.WAA01201@proust.suba.com>
Message-ID: <31365328.7DEE@netscape.com>
MIME-Version: 1.0
Content-Type: text/plain
Michael A. Atzet wrote:
> How will Navigator differentiate between the different level certs? I am not
> aware of any fields in the cert itself that designate what level it is.
> I know that the subject info would "look" different for a persons name vs.
> email address vs commom name.
The navigator will not differentiate them. We build in a default set of
CA certificates into the navigator, and then allow the user to modify them as
they see fit based on their local trust policy. The default set of CAs that
we ship with our product will not include the verisign level 1&2 CAs as trusted
SSL Server CAs.
--Jeff
--
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
jsw@netscape.com - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.
Return to March 1996
Return to “Tom Weinstein <tomw@netscape.com>”