ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Certificate / CPS issues

2003-06-08 16:46:10
from [Valdis . Kletnieks] [Permanent Link] 
On Sun, 08 Jun 2003 11:34:20 BST, you said:

a digital signature *could* be binding even if it's invalid


If it is legal binding, when if the CA signs my certificate would also
be a legal blinding act? Since a certificate is a document that has a
digital signature.

False certification would make CA in trouble regardless of their
disclaimer.


Verisign found that out the hard way with the bogus Microsoft certificate.

The *bigger* problem is that a very high percentage of the private keys out
there are probably stored on one particular series of operating systems that
are well known for their security flaws - and as such, attacking said machines
with malware designed to harvest keys is a high-profit attack.

Attachment: pgpvcT5tRncfp.pgp
Description: PGP signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Certificate / CPS issues, Valdis . Kletnieks
Next by Date:  Re: Engineering to deal with the social problem of spam, Hallam-Baker, Phillip
Previous by Thread:  RE: Certificate / CPS issues, Haren Visavadia
Next by Thread:  RE: Certificate / CPS issues, Hallam-Baker, Phillip
Indexes:  [Date] [Thread] [Top] [All Lists]