From:                   Anne & Lynn Wheeler
> as part of various integrity issues related to that
> process, there has been a proposal, somewhat backed by
> the ssl domain name certification authority industry
> that domain name owners also register a public key 
> with the domain name infrastructure (in addition to
> identificaiton information). then future communcation
> can be digitally signed and verified with the onfile
> public key. also the ssl domain name certification
> authority industry can require that ssl domain name 
> certificate applications be digitally signed. then the
> certification authority can replace the expensive,
> time-consuming, and error-prone identification
> matching process with a much less-expensive and 
> efficient authentication process by doing a real-time
> retrieval of the on-file publickey from the domain
> name infrastructure for verifying the digital
> signature (in lieu of doing a real-time retrieval of
> the on-file identificaiton information for the
> expensive, time-consuming and error-prone
> identification matching).

Unfortunately most domain name registrars take a
completely irresponsible attitude to domain name theft,
despite the fact that domain name theft is a major
problem.   OpenSRS is good but their resellers a very
bad.  Unfortunately by default, one winds up having the
same password with OpenSRS as with the reseller. 

         James A. Donald

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to