Frank Hecker wrote: >One way >to solve the CA problem is to eliminate the need for CAs, i.e., to >support self-signed certificates. > Exactly. >But assuming that the user is using a third-party CA (and is not >creating a self-signed certificate), then do you have any >recommendations for PSM/NSS to address your concerns about privacy and >CAs? > I think that one argument of the CAs for publishing the cert data is validation of the certs. I'm lacking knowledge about OCSP here. If a client asks a CA for validation, does the CA disclose any new information about the cert (apart from the current status)? If so, can that be avoided or can the CA make sure first that all of this information is already known to the client? Removing .mail-news, because this is not a mail-news topic anymore.
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Michael Str�der
- Re: S/MIME prep work begins! Frederick Roeber
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Graham Leggett
- Re: S/MIME prep work begins! Stuart Ballard
- Re: S/MIME prep work begins! Frederick Roeber
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Frank Hecker
- Re: S/MIME prep work begins! Frank Hecker
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Robert Bihlmeyer
- Re: S/MIME prep work begins! Michael Str�der
- Re: S/MIME prep work begins! Ben Bucksch
- Re: S/MIME prep work begins! Michael Str�der
- Re: S/MIME prep work begins! Robert Bihlmeyer
- Re: S/MIME prep work begins! Michael Str�der
- Re: S/MIME prep work begins! Frederick Roeber
- Re: S/MIME prep work begins! Michael Str�der
