At 02:09 PM 7/28/04 -0400, Adam Back wrote:
>The difference is if the CA does not generate private keys, there
>should be only one certificate per email address, so if two are
>discovered in the wild the user has a transferable proof that the CA
>is up-to-no-good.  Ie the difference is it is detectable and provable.

Who cares?  A CA is not legally liable for anything they
sign.  A govt is not liable for a false ID they issue
a protected witness.  The emperor has no clothes, just
a reputation, unchallenged, ergo vapor.




=================================================
36 Laurelwood Dr
Irvine CA 92620-1299

VOX: (714) 544-9727 (home) mnemonic: P1G JIG WRAP
VOX: (949) 462-6726 (work -don't leave msgs, I can't pick them up)
                           mnemonic: WIZ GOB MRAM
ICBM: -117.7621, 33.7275
HTTP: http://68.5.216.23:81 (back up, but not 99.999% reliable)
PGP PUBLIC KEY: by arrangement

Send plain ASCII text not HTML lest ye be misquoted

------

"Don't 'sir' me, young man, you have no idea who you're dealing with"
Tommy Lee Jones, MIB

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to