1996-05-10 - Re: PGP, Inc.
Header Data
From: “E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>
To: shamrock@netcom.com
Message Hash: 4a23b86eaa8cbb8e2c463b8d8df7417e699fca29bff68dd5a486d422a689a180
Message ID: <01I4IPAJCSGG8Y5AJT@mbcl.rutgers.edu>
Reply To: N/A
UTC Datetime: 1996-05-10 21:32:09 UTC
Raw Date: Sat, 11 May 1996 05:32:09 +0800
Raw message
From: "E. ALLEN SMITH" <EALLENSMITH@ocelot.Rutgers.EDU>
Date: Sat, 11 May 1996 05:32:09 +0800
To: shamrock@netcom.com
Subject: Re: PGP, Inc.
Message-ID: <01I4IPAJCSGG8Y5AJT@mbcl.rutgers.edu>
MIME-Version: 1.0
Content-Type: text/plain
From: IN%"shamrock@netcom.com" 9-MAY-1996 23:02:01.67
>At 19:37 5/9/96, E. ALLEN SMITH wrote:
>> I can see some fascinating legal questions with what, exactly, a
>>VeriSign certificate obligates the company for. Digital signature laws should
>>get interesting - any application of this to the Utah one?
>VeriSign is going to offer four levels of certs. The first requires only
>uniqueness. For the other three levels, VeriSign will require more and
>better assurances of the correctness of True Name stated on the cert. I
>don't know what form these assurances are supposed to take.
The first level, in other words, is less of a certification than a PGP
key with self-signature and signature from one other person. It doesn't have
_any_ effort to verify that the email address stated on it is the actual email
address of that nym. Or am I misinterpreting you?
-Allen
Thread
Return to May 1996
- Return to “Adam Shostack <adam@lighthouse.homeport.org>”
- Return to “Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>”
Return to ““E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>”
- 1996-05-10 (Sat, 11 May 1996 05:32:09 +0800) - Re: PGP, Inc. - “E. ALLEN SMITH” <EALLENSMITH@ocelot.Rutgers.EDU>
- 1996-05-11 (Sat, 11 May 1996 09:50:05 +0800) - Re: PGP, Inc. - Adam Shostack <adam@lighthouse.homeport.org>
- 1996-05-11 (Sat, 11 May 1996 14:06:17 +0800) - Re: PGP, Inc. - Andrew Loewenstern <andrew_loewenstern@il.us.swissbank.com>