Curt Smith <[EMAIL PROTECTED]> writes: >Certificate Authorities issue certificates complete with CA imposed expiration >dates and usage limitations. (I prefer independent systems with unrestricted >certificates)
So issue your own. Honestly, why would anyone want to *pay* some random CA for this? >Certificate Authorities match individuals to keys (Thanks, but no thanks) And PGP doesn't? Anyway, X.509 certs can be as anonymous as PGP keys. >Certificate Authorities can revoke certificates at anytime (CA-driven DOS >attack) Most implementations ignore revocation, and in any case it's not an issue if you issue your own. Peter.