Eddy Nigg:
PKI wasn't meant to facilitate certificates issued from "random". PKI is
mean disallow anything it doesn't know and doesn't chain to the root. In
the browser we have many roots, but it's the browser fault to allow the
user to ignore and click all th way through to heaven...or hell. :-)
PKI is mean to be strict (avoiding the word perfect)! It's not meant to
be "maybe" valid, "possibly" chained to a root and "likely" not an MITM.
It's meant to provide a clear YES/NO answer. PKI provides what KCM can
not accomplish.
Arrg.../PKI is mean disallow/PKI is meant to disallow/
--
Regards
Signer: Eddy Nigg, StartCom Ltd.
Jabber: [EMAIL PROTECTED]
Blog: https://blog.startcom.org
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto