On Thu, 30 Sep 2004, Ian Grigg wrote:
> PKI, and the Customs & Excise's, mistake was to assume that a > key is only useful if it is signed by someone else. From a Right; that is often forgotten and very useful - as the dutch root PKI was signed under rather dubious circumstances (and its safeguarding even more circumspect) we recently guided a customer through essentially accepting any customer key (plain, self signed or 3random rd party signed) and simply got them into the habit of keeping lists of keys accepted (and the mapping to -their- idea what identity it represents). And all in all that maked things a lot more practical; and fitted exactly with the existing paper work flow where they would accept based on caller-ID and a password list. Dw. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
