Duane wrote:
Nelson pointed out how bad email verification is, but what if that's all you can prove?
IMO, there are cert applications for which "low assurance" is adequate, and there are those for which greater assurances are needed.
By way of example, signed code poses higher risk than signed email text, and so the certs needed for code signing should have high assurance, higher than may be required for email certs. SSL server certs are somewhere in the middle. Mozilla treats SSL server certs like code signing certs for JavaScript served over https, IINM, so SSL server certs really should be issued on the basis of the same strong authentication as is more commonly used for code signing certs.
If a CA decides that they are unwilling or unable to do anything stronger than weak assurances, then IMO they should limit themselves to issuing certs that require only low assurances.
Choosing to be a low-assurance CA is a legit choice, IMO, as long as the low assurance CA doesn't then issue certs used in applications that require high assurance.
-- Nelson B