John,
The title of the message thread was not mine, and is
quite misleading. I was NOT trying to link authorizations
to the DN, but rather to include a Disclaimer within the
certificate. One is positive, one is negative, and there is
quite a difference.
No difference. Neither authorizations nor disclaimers belong in a DN. A DN
helps to establish an identity, it is not the identity. My driver license
helps to establish my identity, it carries no disclaimer regarding my
relationship to BBN.
My understanding at the time was that the PCAs were
unwilling, for a number of presumably valid business
reasons, to include such a disclaimer in their policy
statements. Now it appears that the winds may be
changing, so all of this argument may have become
moot.
I would believe that a PCA would limit their liability for actions of CAs and
certificate holders. There is nothing that can take away individual
responsibility. Individuals will always be presumed to be responsible for
their actions until proven otherwise. There is nothing I can do to limit your
responsibility for your acts. I can only deny MY responsibility for your acts.
I could imagine a MIME/PEM compliant content which has as attributes such
disclaimers.
Once more, with feeling: HOW DO YOU GET THE PERSON
WHO STOLE YOUR KEY TO USE THE PROPER FORM??!
Who cares. This was discussed two years ago and it is getting old. The
question goes back to "What does a digital signature on an electronic document
really mean". The proper analogue is what is currently done in the real world
for holographic signatures. Borderline cases will be settled as a part of
common law or legislation. What do you do currently when someone forges your
signature? What do you do when someone depends on an instrument that is
insufficiently verified? Mortgages, wills, contracts, etc. typically require
(with feeling) LOTS more than just your signature, forged or otherwise.
Come on, people, this shouldn't be a hard concept to grasp!
There are any number of ways that authorizations can
be added. The trick is how to take them away, or how to
avoid being stuck with them from the beginning, if that is
your intent.
Come on, Bob, this isn't really hard at all. The current analogs for when you
depend on signed documents, when you believe that someone is or is not
authorized, when you ACT on instruments presented to you suffice. It is
sometimes decided that the person who acted did so without proper "care"
(legal term).
Bob
John