On Sun, Dec 16, 2012 at 9:48 AM, ianG <[email protected]> wrote: > Just to nitpick on this point, a CA certainly can claim that they or an > agent did not sign a certificate. And, they can provide the evidence, and > should have the ability to do this: CAs internally have logs as to what > they did or did not sign, and this is part of their internal process. > > This is because the real world doesn't trust the cryptographic evidence on > the face of it, we always need to go back to an independent verification of > some form - a further point against Ben's proposal.
You have not substantiated any points, and this is further nonsense: if a CA claims they did not sign something which has been signed with their key, then they are claiming they cannot manage their key. They are still not acting correctly, either way. _______________________________________________ cryptography mailing list [email protected] http://lists.randombit.net/mailman/listinfo/cryptography
