ietf-asrg
[Top] [All Lists]

Re: RE: [Asrg] Certs required to send mail

2003-03-26 02:37:04

VeriSign could only revoke a certificate if either the user had obtained
the certificate fraudulently or had broken the terms of the contract.

This has happened in a number of cases. 


Thank you for that clarification.

Of course it's not required that CA==verisign :-) 
Or that certs issued for particular purposes would be under the same
contract
as certs for other purposes - I guess.

One would hope that a CA generating revenue from this business would
be prepared to spend some on making the certificates useful and not leave
it to 3rd parties to take on the management overhead and exposure to
litigation that revocation would no doubt incur.







--
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg