Jean-Marc Desperrier wrote:
http://thewhir.com/marketwatch/xra021105.cfm
"Certificate authority XRamp (xramp.com) announced on Wednesday that
it is now offering the industry's only 256-bit digital SSL
certificates."
<snip>
In the run up to the RSA conference, one other
little CA is selling OTP tokens, which they claim
stands for "one time password" whereas in
crypto lingo that's always stood for "one time
pad", a known uncrackable standard.
http://www.cbronline.com/article_news.asp?guid=935F7224-CFA2-4FD0-930B-9E5D1794EDAC&z=
Just another day in the security biz!
Frank wrote:
But you do raise a useful point: Maybe I ought to add a section in the
draft CA cert policy noting that inclusion of a CA's certificate does
not constitute endorsement of the CA's marketing claims, etc. I'll
think about this.
My initial reaction would be to leave it out.
The less said the better, you might not want to
get drawn into what is endorsed and what is
not...
iang
--
News and views on what matters in finance+crypto:
http://financialcryptography.com/
_______________________________________________
mozilla-crypto mailing list
[email protected]
http://mail.mozilla.org/listinfo/mozilla-crypto
