Jon Earle <[EMAIL PROTECTED]> writes:
> At 07:36 AM 3/7/00 -0800, you wrote:
> >Karl Denninger <[EMAIL PROTECTED]> writes:
> > > Well, confidentiality implies integrity, in that a tampered data stream
> > > won't decode. Public key crypto with a known certification on the public
> > > key provid
At 07:36 AM 3/7/00 -0800, you wrote:
>Karl Denninger <[EMAIL PROTECTED]> writes:
> > Well, confidentiality implies integrity, in that a tampered data stream
> > won't decode. Public key crypto with a known certification on the public
> > key provides non-repudiation (assuming the private key has
At 12:23 AM 3/7/00 +0100, you wrote:
> > Yet, in today's world, you cannot have one without the other, which means
> > that to get EITHER you must pay someone.
>
>The pay part is untrue. If you really don't care about authenticity but
>only are interested in confidentiality of your datastream (i
Karl Denninger <[EMAIL PROTECTED]> writes:
> On Tue, Mar 07, 2000 at 12:23:33AM +0100, Jan Meijer wrote:
> > Hi Karl,
> >
> > Whilst taking the risk to look like someone from Microshot, Netscape or the
> > others some comment on your pleads for clarity.
> >
> > > There are to separate things th
Karl Denninger wrote:
> However, the concept that a PERSON needs to pay upwards of
> $100 to get a key
> by which they can have a SSL connection work from a web
> server is insane.
If you look at the simple operation of signing a server certificate,
then sure, that does seem a bit expensive, B
Karl,
> However, the concept that a PERSON needs to pay upwards of $100 to get a key
> by which they can have a SSL connection work from a web server is insane.
It is not! It's a business model and if you're not prepared to pay those
commercial CAs - don't.
> Why are there no public CAs - much
Karl Denninger <[EMAIL PROTECTED]> writes:
> On Mon, Mar 06, 2000 at 02:10:42PM -0800, EKR wrote:
> > The generation, no. However, in order for people sending you mail
> > to be sure that they are not subject to active key substitution
> > attacks, they key pair does need to be securely bound to t
On Tue, Mar 07, 2000 at 12:23:33AM +0100, Jan Meijer wrote:
> Hi Karl,
>
> Whilst taking the risk to look like someone from Microshot, Netscape or the
> others some comment on your pleads for clarity.
>
> > There are to separate things that secure web servers do.
> >
> > 1. Authenticate wh
Absolutely.
I wonder if the DOJ might be interested in this
--
--
Karl Denninger ([EMAIL PROTECTED]) Web: http://childrens-justice.org
Isn't it time we started putting KIDS first? See the above URL for
a plan to do exactly that!
On Mon, Mar 06, 2000 at 05:29:23PM -0500, Eric Moore wrote
On Mon, Mar 06, 2000 at 02:10:42PM -0800, EKR wrote:
> Karl Denninger <[EMAIL PROTECTED]> writes:
> > Well, I understand that, but it seems that people (including Thawte,
> > Microslug and Nutscrape) are missing the point.
> >
> > There are to separate things that secure web servers do.
> >
> >
Hi Karl,
Whilst taking the risk to look like someone from Microshot, Netscape or the
others some comment on your pleads for clarity.
> There are to separate things that secure web servers do.
>
> 1. Authenticate who you're talking to, so that when you engage in
> commerce you have
It seems there is restraint of trade since only a few 'selected'
companies can get on the CA root of IE and Navigator. To pay USD 300
every couple of years to prove you exist is silly. The price of domaine
registration is coming down, why not certs since there is more e-commerce?
In the U.S.
Karl Denninger <[EMAIL PROTECTED]> writes:
> Well, I understand that, but it seems that people (including Thawte,
> Microslug and Nutscrape) are missing the point.
>
> There are to separate things that secure web servers do.
>
> 1.Authenticate who you're talking to, so that when you engage i
On Mon, Mar 06, 2000 at 09:48:47AM -, Airey, John wrote:
> >-Original Message-
> >From: Karl Denninger [mailto:[EMAIL PROTECTED]]
> >Sent: 03 March 2000 15:39
> >To: [EMAIL PROTECTED]
> >Subject: Re: Certificate questions...
>
>
> >Hi John
>-Original Message-
>From: Karl Denninger [mailto:[EMAIL PROTECTED]]
>Sent: 03 March 2000 15:39
>To: [EMAIL PROTECTED]
>Subject: Re: Certificate questions...
>Hi John,
>On Fri, Mar 03, 2000 at 10:06:19AM -, Airey, John wrote:
>> Assuming we are talking
everything is 'domestic strength'
then that's not an issue.
Mikey
Karl Denninger <[EMAIL PROTECTED]> on 03/03/2000 15:39:23
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:(bcc: Mike Innes/Virgin Direct/GB)
Subject: Re: Certificate questions...
Hi
Hi John,
On Fri, Mar 03, 2000 at 10:06:19AM -, Airey, John wrote:
> Assuming we are talking about Thawte's server test certificates, they are
> only for use for one month. Using them helps you to understand how to
> install a real certificate without running the risk of destroying it (a very
On Fri, Mar 03, 2000 at 09:31:58AM +, [EMAIL PROTECTED] wrote:
> Alex,,
> The trouble with using self signed certs is that you need to install the CA
> cert in the browser to stop messages popping up when you connect to the site -
> obviously no real problem as you will either be using th
[EMAIL PROTECTED] wrote:
> Alex,,
> The trouble with using self signed certs is that you need to install the CA
> cert in the browser to stop messages popping up when you connect to the site -
> obviously no real problem as you will either be using them for testing or in a
> closed environme
ou can make
your own certificates anyway. The documentation to do that comes with
openssl.
John
-Original Message-
From: Alex C. Koch [mailto:[EMAIL PROTECTED]]
Sent: 02 March 2000 19:12
To: [EMAIL PROTECTED]
Subject: Re: Certificate questions...
Is getting one of these test certificate
adcacert.cgi)
Mikey
"Alex C. Koch" <[EMAIL PROTECTED]> on 02/03/2000 19:11:58
Please respond to [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
cc:(bcc: Mike Innes/Virgin Direct/GB)
Subject: Re: Certificate questions...
Is getting one of these test certificate better than
Is getting one of these test certificate better than using a self signed
test certificate that can be generated with openSSL? I am currently using
a certificate that I generated myself. What would the advantages be of
using a certificate from Thawte when it is not authenticated by them?
At
22 matches
Mail list logo
