hi ( 03.09.23 13:45 -0600 ) Anne & Lynn Wheeler: > is it still possible to show that there has been long term, > continuous, non-stop, highest security custodial care of the GTE > cybertrust CA private keys. If there hasn't ... would anybody even > know?
i worked at cybertrust/baltimore up until about 3 years ago [like rats leaving a sinking ship ...].and, as you might imagine i have no idea what's going on with those keys. there was a big institutional fight over how much money to spend on putting those keys in the browsers, now pretty much meaningless. the keys were always well watched, at least while i was there. i had to work in that room a few times, and i was watched then too. the guy who ran the facility [like a tight ship] left shortly after i did, so i have even less faith in the integrity of those certs now than i would have otherwise because his replacement probably couldn't even tell you what TCP stands for. but as you imply, all bets are off now. -- \js --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
