I tried to find out about requirements in the Entrust CPS
(http://www.entrust.net/CPS/pdf/webcps051404.pdf) however couldn't find
any regulation concerning cross-signing. Maybe this is covered in a
different document of theirs.
However I also couldn't find any regulation concerning S/MIME and
At 10:48 AM -0400 5/2/08, Frank Hecker wrote:
On Fri, May 2, 2008 at 8:08 AM, Eddy Nigg (StartCom Ltd.)
[EMAIL PROTECTED] wrote:
In comment https://bugzilla.mozilla.org/show_bug.cgi?id=431621#c5 the
representative of DigiNotar (Kick) notes that their CA root has been
cross-signed by
Paul Hoffman:
There is also a policy question of whether or not Entrust's CPS says
what cross-signing means in a way that both we and the auditors can
understand. On its face (without having read the documents), I think
it sounds pretty shaky to have a CA saying you can trust that other
CA to
I think the point is microsoft is storing passwords rather than
salted, iterated hashes of passwords, storing EFS symmetric keys in
clear text or lightly obfuscated in LSA keys which is not encrypted,
just protected by policy tied to the windows login, and all these
insecure things vs say linux
4 matches
Mail list logo