From: "David K. Merriman" <merriman@arn.net>
Date: Thu, 21 Mar 1996 18:25:51 +0800
To: cypherpunks@toad.com
Subject: MS self-generated X.509 validity?
Message-ID: <2.2.32.19960320174659.00687e44@arn.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

I've just had a chance to go through the SDK MS is giving away for their
ActiveX package. Interestingly, there's a little utility included for
generating X.509 certs. The read.me that is included claims that the certs
so generated don't have any real validity, as they're not linked to anything
in the known universe (paraphrasing :-).

My question is, is this an otherwise usable cert? I'll be happy to give
anyone interested a copy of the files (shellback.cer and shellback.spc) I
generated, if they'd like to examine/validate them.

If the certs are, in fact, valid, I'll be glad to make the program available
to others for 'testing purposes'.

Dave Merriman

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMVAn/MVrTvyYOzAZAQERywP+IMBiiAEGkBNI88kuw2WRlYfEOsAD92fl
mfNpiJmb0pYTzljE1PVtLNjLtrXkeu71fTYX34rC90aU7zD/nufmZz+Nrp6TR1Ce
J39A9C5KR7rkNRxvsjOnpyZ1gEHCsOh6ceGVUZidYa+iEvVs20VrlMleS2nz3t6w
4piJt0Bhwqc=
=o+LF
-----END PGP SIGNATURE-----
-------------------------------------------------------------
"Giving money and power to government is like giving 
whiskey and car keys to teenage boys."
                    P. J. O'Rourke (b. 1947), U.S. journalist.
<><><><><><><><><><><><><><><><><><><><><><><><><><><><><><><>
http://www.shellback.com/personal/merriman/index.htm