Dennis Glatting wrote:
> ...Certificate theft is but one very real
> problem that undermines the credibility of certificates in general.
Certificates aren't secret data, and *can't* be stolen.
> ...Additionally, not one
> web site I have visited in the last year has asked for my client
> certificate, so the value of having a client certificate, seems to me,
> is zero.
Most client certs are of the Class 1 variety ("Persona not verified").
They aren't identity certs in any meaningful sense, but a binding
of an RFC822 email address to a key pair. That said, client certs
are incredibly useful for secure single sign-on, for access control
based on cert identity, etc.
--
QUI ME AMET, CANEM MEUM ETIAM AMET
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]
- Re: Verisign acquisition of Thawte Clifford Heath
- Re: Verisign acquisition of Thawte Massimiliano Pala
- Re: Verisign acquisition of Thawte Erik Aronesty
- Re: Verisign acquisition of Thawte Bill Michaelson
- Re: Verisign acquisition of Thawte Massimiliano Pala
- Re: Verisign acquisition of Thawte Michael Ströder
- Re: Verisign acquisition of Thawte Anonymous remailer
- Re: Verisign acquisition of Thawte Bill Michaelson
- Re: Verisign acquisition of Thawte Massimiliano Pala
- Re: Verisign acquisition of Thawte Dennis Glatting
- Re: Verisign acquisition of Thawte Michael Sierchio
- Re: Verisign acquisition of Thawte Massimiliano Pala
- Re: [openca-devel:167] Re: Verisign acquis... Rasika Amarasiri
- Re: Verisign acquisition of Thawte Michael Sierchio
- RE: Verisign acquisition of Thawte Creed Millman
- Re: Verisign acquisition of Thawte Ben Laurie
- Netscape Browser Choking Sometimes Sean O'Dell
- RE: Verisign acquisition of Thawte Greg Broiles
- Re: Verisign acquisition of Thawte Matti Aarnio
- RE: Verisign acquisition of Thawte kermit-support
