1996-10-12 - Re: exporting signatures only/CAPI (was Re: Why not PGP?)

Header Data

From: Adam Shostack <adam@homeport.org>
To: azur@netcom.com (Steve Schear)
Message Hash: e6a9342e8c1c520bc589bf79ca3e2798469019497f30a1c8f06d799a68dd1124
Message ID: <199610121908.OAA19871@homeport.org>
Reply To: <v02130502ae850fb9a80c@[10.0.2.15]>
UTC Datetime: 1996-10-12 18:03:00 UTC
Raw Date: Sat, 12 Oct 1996 11:03:00 -0700 (PDT)

Raw message

From: Adam Shostack <adam@homeport.org>
Date: Sat, 12 Oct 1996 11:03:00 -0700 (PDT)
To: azur@netcom.com (Steve Schear)
Subject: Re: exporting signatures only/CAPI (was Re: Why not PGP?)
In-Reply-To: <v02130502ae850fb9a80c@[10.0.2.15]>
Message-ID: <199610121908.OAA19871@homeport.org>
MIME-Version: 1.0
Content-Type: text


Steve Schear wrote:
| (Adam Back wrote:)
| >The new owner of the CAPI signatory key would need a good reputation,
| >and presumably a policy of signing any (non-GAKked) CAPI modules
| >signed by microsoft, and anything else that anyone wants signed.

| An excellent suggestion.

	How does a signer maintain a reputation if it will sign
anything anyone wants signed?  I can see a business for a non-US
company to certify a CSP and sign it, but thats not the same as
anything MS signs, or anything anyone else wants signed.

	There may be room for compitition here. :)

Adam

-- 
"Every year the Republicans campaign like Libertarians, and then go to
Wasthington and spend like Democrats."

Vote Harry Browne for President.  http://www.harrybrowne96.org








Thread