On Sun, Dec 18, 2005 at 09:47:27AM -0800, James A. Donald wrote: > > Has anyone been attacked through a certificate that > would not have been issued under stricter security? The > article does not mention any such attacks, nor have I > ever heard of such an attack.
Ought we forget that two such certificates were issued to a party (identity, AFAIK, still unknown) claiming to be Microsoft? What, exactly, do you think that party's plans for those certificates were -- and why, exactly, do you think they were inocuous? Thor Lancelot Simon [EMAIL PROTECTED] "We cannot usually in social life pursue a single value or a single moral aim, untroubled by the need to compromise with others." - H.L.A. Hart --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
