Odpowiedz automatyczna:
Do 31 marca jestem na szkoleniu.
W pilnych sprawach prosze o kontakt z Romanem Iwanickim.
Z powazaniem,
Michal Trojnara
>>> "[EMAIL PROTECTED]" 03/31/00 19:21 >>>
hi,
On Fri, 31 Mar 2000, Mark H. Wood wrote:
> On Thu, 30 Mar 2000 [EMAIL PROTECTED] wrote:
> > You mis
hi,
On Fri, 31 Mar 2000, Mark H. Wood wrote:
> On Thu, 30 Mar 2000 [EMAIL PROTECTED] wrote:
> > You missed my point. Read on...
> >
> > > b) Certificates authenticate that the person is who they say they
> > > are.
hmmm... i have always thought the Certs from CA simply say yeah we know
a
mwood> Now I am surprised. The key only means that you have a
mwood> reasonably secure channel to an unknown endpoint. Do lots of
mwood> people really believe that it means any more than that? That
mwood> is frightening.
You wouldn't believe what J. Random Luser can believe...
--
Richard Lev
On Thu, 30 Mar 2000 [EMAIL PROTECTED] wrote:
> You missed my point. Read on...
>
> > b) Certificates authenticate that the person is who they say they
> > are.
> >
> > Trust goes to trusting that second statement, not the trustworthiness
> > of the company behind the statement.
> >
>
>
On Thu, 30 Mar 2000, Thomas Reinke wrote:
> [EMAIL PROTECTED] wrote:
> > So it seems to me that while the cert may certify that said organization
> > is who they say they are - nobody seems to ask if who they say they are
> > has any relevance to anything.
>
> [snip]
>
> Look back to the problem
You missed my point. Read on...
> b) Certificates authenticate that the person is who they say they
> are.
>
> Trust goes to trusting that second statement, not the trustworthiness
> of the company behind the statement.
>
People in general presume that when they see the little key th
[EMAIL PROTECTED] wrote:
>
> So it seems to me that while the cert may certify that said organization
> is who they say they are - nobody seems to ask if who they say they are
> has any relevance to anything.
[snip]
Look back to the problem it is solving
a) SSL makes sure no-one can interc
Err Verisign bought Thawte last year :)
At 09:45 pm 28/03/00, you wrote:
>Gee,
>
>Before I get flamed for the Subject:
>Of course, Verisign and Thawte are American and South African
>companies, so cannot be a monopoly(Two American companies
>doing this likely would), and of course NSI, the majo
SA
> -Original Message-
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]]On Behalf Of dreamwvr
> Sent: Tuesday, March 28, 2000 6:18 PM
> To: [EMAIL PROTECTED]; Hostmaster; [EMAIL PROTECTED]
> Subject: RE: Verisign/NSI/Thawte monopoly
>
>
> hi,
> IMHO
I looked closely into purchasing a cert from Thawte and it is still
something WE'll have to do. What strikes me though is that it seems to me
that there is no real value in such a thing.
I can for instance incorporate a company and shell out about $200 and get
my cert. After that everyone trust
On Tuesday, March 28, 2000 at 04:18:15 PM, [EMAIL PROTECTED] wrote:
> hi,
> IMHO someone should create a central trusted CA that is open sourced for
> all to trust however that would take some doing..;-)) ..anyone interested:-))
I'm game for putting in some time/effort - but I think you're po
]
> Subject: RE: Verisign/NSI/Thawte monopoly
>
>
> hi,
> IMHO someone should create a central trusted CA that is
> open sourced for
> all to trust however that would take some doing..;-))
> ..anyone interested:-))
> On Tue, 28 Mar 2000, Hostmaster wrote:
> > There is n
Odpowiedz automatyczna:
Do 31 marca jestem na szkoleniu.
W pilnych sprawach prosze o kontakt z Romanem Iwanickim.
Z powazaniem,
Michal Trojnara
>>> "[EMAIL PROTECTED]" 03/29/00 01:18 >>>
hi,
IMHO someone should create a central trusted CA that is open sourced for
all to trust however th
hi,
IMHO someone should create a central trusted CA that is open sourced for
all to trust however that would take some doing..;-)) ..anyone interested:-))
On Tue, 28 Mar 2000, Hostmaster wrote:
> There is no governing body that I am aware of. Is it to be yet
> another Amercian led thing? That
There is no governing body that I am aware of. Is it to be yet
another Amercian led thing? That is what got things to the state
they're in now.
Also, what would be an appropriate list to discuss these things, if
not openssl-users?
Bill Laakkonen
www.im1.net
> -BEGIN PGP SIGNED MESSAGE-
[EMAIL PROTECTED] wrote:
>
> Gee,
>
> Before I get flamed for the Subject:
> Of course, Verisign and Thawte are American and South African
> companies, so cannot be a monopoly
You are not well informed on the subject of law in the EU or US.
A merger, acquisition or other alliance that does or h
Hi there,
>It's time to have some kind of governing body
>to force the browser makers include all accredited
>CA's in the list of automatically trusted CA's.
>Not the ones that pay them big $$$.
Only if they also ensure that the CAs also pass some level of periodic
audit-review to ensure they're
This is way off-topic, but:
>force the browser makers include all accredited CA's in the list
Please define "accredited CA"
But somewhere else, not this list. :)
__
OpenSSL Project http://www.ope
-BEGIN PGP SIGNED MESSAGE-
It's time to have some kind of governing body
to force the browser makers include all accredited
CA's in the list of automatically trusted CA's.
Not the ones that pay them big $$$.
Cheers
Paul
On Tue, 28 Mar 2000, you wrote:
> Gee,
>
> Before I get flamed for
Gee,
Before I get flamed for the Subject:
Of course, Verisign and Thawte are American and South African
companies, so cannot be a monopoly(Two American companies
doing this likely would), and of course NSI, the major marketer of
Versign certs, is a registrar for domains, and this cannot be
co
20 matches
Mail list logo
