On 7 Dec, 2011, at 11:34 AM, ianG wrote:
>
> Right, but it's getting closer to the truth. Here is the missing link.
>
> Revocation's purpose is one and only one thing: to backstop the liability to
> the CA.
I understand what you're saying, but I don't agree.
CAs have always punted liability. At one point, SSL certs came with a huge
disclaimer in them in ASCII disclaiming all liability. Any CA that accepts
liability is daft. I mean -- why would you do that? Every software license in
the world has a liability statement in it that essentially says they don't even
guarantee that the software contains either ones or zeroes. Why would
certificates be any different?
I don't think it really exists, not the way it gets thrown around as a term.
Liability is a just a bogeyman -- don't go into the woods alone at night,
because the liability will get you!
Jon
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
