Hi, >> The most that can be supported by the evidence they have is that we do >> not know if those LRAs have that capability or not. Note that that is a >> completely valid criticism and one that we are already moving to address. > > I am member of one of these LRAs and I can tell you that we can NOT > issue a cert for twitter.com. > > That's the only reason I spoke up, because the ongoing bashing of the > DFN-CA starts to get annoying.
Furthermore, I am in possession of a DFN S/MIME client certificate and can confirm that the identification process was thorough. Also, they confirmed that they can only send the certification requests, but not sign locally. Ralph -- Dipl.-Inform. Ralph Holz I8: Network Architectures and Services Technische Universität München http://www.net.in.tum.de/de/mitarbeiter/holz/
signature.asc
Description: OpenPGP digital signature
