Kragen,
PEM has multiple, independent PCAs at the second tier of the
hierarchy, which provide a form of firewall analogous to your
suggestion of multiple independent CAs. In fact, CAs are independent
and, because of the name subordination rule that applies to CAs in
PEM, each is limited in the damage that it can do by signing bogus
certificates (a feature not present in PGP where, due to the lack of
naming rules, a party trusted to vouch for other entities can do so
without any constraints on names).
Steve
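The damage limitation Steve describes rests on the name subordination rule: a CA may only certify names that lie beneath its own in the X.500 naming tree. The following checker is an added example, not code from the original message or from any PEM implementation; names are modelled as tuples of RDN strings ordered from the root, the sample DNs are constructed, and, as a simplification, the rule is applied to the PCA-to-CA link as well as to CA-issued certificates.

```python
from typing import List, Tuple

# A distinguished name is modelled as a tuple of RDN strings ordered from
# the root of the X.500 tree downward (constructed representation).
DN = Tuple[str, ...]

def is_subordinate(subject: DN, issuer: DN) -> bool:
    """Name subordination: the issuing CA's DN must be a proper prefix of
    the subject DN, so a CA can only vouch for names beneath its own."""
    return len(subject) > len(issuer) and subject[: len(issuer)] == issuer

def check_path(path: List[Tuple[DN, DN]]) -> Tuple[bool, str]:
    """path is a list of (issuer DN, subject DN) pairs, PCA link first.
    Each link must chain to the previous subject and obey subordination."""
    prev_subject = None
    for issuer, subject in path:
        if prev_subject is not None and issuer != prev_subject:
            return False, f"issuer {issuer} does not match previous subject {prev_subject}"
        if not is_subordinate(subject, issuer):
            return False, f"{subject} is not subordinate to CA {issuer}"
        prev_subject = subject
    return True, "ok"

# Constructed sample names (hypothetical organisations).
PCA = ("C=US", "O=Example PCA")
ACME_CA = ("C=US", "O=Example PCA", "O=Acme")
ALICE = ("C=US", "O=Example PCA", "O=Acme", "CN=Alice")
BANK_BOB = ("C=US", "O=Example PCA", "O=Bank", "CN=Bob")

GOOD_PATH = [(PCA, ACME_CA), (ACME_CA, ALICE)]
# The Acme CA signs a bogus certificate for a user in another organisation;
# the subordination check rejects it, confining the CA's damage to its own subtree.
BOGUS_PATH = [(PCA, ACME_CA), (ACME_CA, BANK_BOB)]

if __name__ == "__main__":
    print(check_path(GOOD_PATH))
    print(check_path(BOGUS_PATH))
```

Without the prefix test (the PGP situation the message describes), both paths would validate, since nothing ties a signer's authority to a region of the name space.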