At Thu, 28 Feb 2008 12:38:16 -0600, > Dean Willis wrote: > Eric Rescorla wrote: > > At Wed, 27 Feb 2008 08:59:10 -0800 (PST), > > Harsh Kupwade wrote: > >> [1 <text/plain; iso-8859-1 (8bit)>] > >> How can we verify a certificate from a random CA? It will definitely > >> be a serious threat in the near future. > > > > Uh, that the trust anchors are publicly known and compiled into > > your client. > > Ok, so check out https://www.softarmor.com and tell me how it works out.
What point are you trying to make? A certificate is a data format. Obviously, it's possible to have a certificate signed by a trust anchor that isn't commonly trusted. So what? For the Nth time, this is equally possible with an identity-based scheme. -Ekr _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
