On Thu, 30 Mar 2000 [EMAIL PROTECTED] wrote:
> You missed my point. Read on...
>
> > b) Certificates authenticate that the person is who they say they
> > are.
> >
> > Trust goes to trusting that second statement, not the trustworthiness
> > of the company behind the statement.
> >
>
> People in general presume that when they see the little key that they are
> dealing with a "bonified" business. Yes, I know that the certification
> process does not do this. And since it doesn't do this it isn't worth
> much.
Now I am surprised. The key only means that you have a reasonably secure
channel to an unknown endpoint. Do lots of people really believe that it
means any more than that? That is frightening.
--
Mark H. Wood, Lead System Programmer [EMAIL PROTECTED]
"Where's the kaboom? There was supposed to be an Earth-shattering kaboom!"
-- Marvin Martian, 01/01/2000 00:00:00
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List [EMAIL PROTECTED]
Automated List Manager [EMAIL PROTECTED]