Anne & Lynn Wheeler <[EMAIL PROTECTED]> write:

>the assertion here is possible threat model confusion when the same exact
>technology is used for two significantly different business purposes.

I don't think there's any confusion about the threat model, which is "Users
find it too difficult to generate keys/obtain certs, so if the CA doesn't do
it for them the users will complain, or not become users at all".  Having the
CA generate the key addresses this threat model.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to