1996-05-11 - Re: PGP, Inc.

Header Data

From: dan@vplus.com (Dan Weinstein)
To: timd@consensus.com (Tim Dierks)
Message Hash: 34427c4df1ea53978a4d9b45f0e9517d4cdffc62a634d96a652226e9ba4172a8
Message ID: <3193e30f.2723100@mail.vplus.com>
Reply To: <v02140b03adb92b2dbc65@[205.149.165.24]>
UTC Datetime: 1996-05-11 07:49:55 UTC
Raw Date: Sat, 11 May 1996 15:49:55 +0800

Raw message

From: dan@vplus.com (Dan Weinstein)
Date: Sat, 11 May 1996 15:49:55 +0800
To: timd@consensus.com (Tim Dierks)
Subject: Re: PGP, Inc.
In-Reply-To: <v02140b03adb92b2dbc65@[205.149.165.24]>
Message-ID: <3193e30f.2723100@mail.vplus.com>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 10 May 1996 10:22:24 -0700, timd@consensus.com wrote:
>
>The only effort they make is that when using the email-based CA, it mails
>the certificate to the address within, so it's not trivial to get a cert
>for an address that you don't have access to. (I'm not saying it's
>impossible, or even hard, just that it requires some skill and effort).

I don't believe this is correct.  They send you information after you
have created the cert verifying that you set it up, but nothing
requires a response and the key is transfered via http.


Dan Weinstein
djw@vplus.com
http://www.vplus.com/~djw
PGP public key is available from my Home Page.
All opinions expressed above are mine.

"I understand by 'freedom of Spirit' something quite definite -
the unconditional will to say No, where it is dangerous to say
No.        
           Friedrich Nietzsche







Thread