Anne & Lynn Wheeler <[EMAIL PROTECTED]> write: >the assertion here is possible threat model confusion when the same exact >technology is used for two significantly different business purposes.
I don't think there's any confusion about the threat model, which is "Users find it too difficult to generate keys/obtain certs, so if the CA doesn't do it for them the users will complain, or not become users at all". Having the CA generate the key addresses this threat model. Peter. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
