On 5/19/05, Ian G <[EMAIL PROTECTED]> wrote: > On Thursday 19 May 2005 23:25, Ram A Moskovitz wrote: > > > > If it is the US government then it is probably > > > easier to ask Verisign. > > > > I don't think it would be tougher for the US gov to get a certificate > > out of one US corp or another assuming they had legal grounds to do so > > and the employees saw no ethnical problem with doing so. If there is a > > difference I think it is the opposite of what you suggest. VeriSign > > can afford to fight requests it has problems with while a smaller > > company may find it much harder. There is a weak analogue available in > > the way ISPs are handling requests for their customer's information - > > of course the ISPs don't live by a repuation that depends on trust so > > they are not as motivated to avoid trust breaches. > > Perhaps. We are dealing with a hypothetical and > we can only conjecture as to how this would unfold. > It may be that Verisign would fight it, but as they > have much more revenue from the federal government > I personally would bet that they wouldn't fight it.
You have data that shows VeriSign makes more money of the US Fed than off the commercial sector? I believe that is false; citation please. > Also, > if one is to look at the location, board, and interlinkings, > it has often been commented that Verisign is one of the > closest organisations, along with Oracle by way of > example. I believe that is false; citation please. > > > > In any case I > > > > think you would go along with any legitimate request made by a > > > > legitimate government authority; I would. > > > > > > I think Duane is in Australia. > > > > And so being an upstanding Australian citizen or resident I expect he > > "would go along with any legitimate request made by a legitimate > > government authority" > > OK, so just FYI, that is an approach that > would not work so well outside the US, as > you can perhaps see from Duane's response. My intended meaning of "legitimate" request was a reference to appropriate - the point being to exclude cases of inappropriate or unethical requests. > Many peoples around the world would be > bemused at a direct appeal to nationalism, > and the notion that because someone says > it is legitimate then it somehow is legitimate > > Either way, many Internet people think that > privacy is privacy, and once breached, that > needs to be recognised. > (Which might not then result in much like > refusing the warrant ... but it is certainly > enough to call into question any policy > that says "that's ok coz the government > asked for it" and to render such as not > really popular for Internet open source > groups to consider as part of their policy.) We must each take responsibility for our behavior and that includes testing it our values. _______________________________________________ mozilla-crypto mailing list [email protected] http://mail.mozilla.org/listinfo/mozilla-crypto
