[19436] in cryptography@c2.net mail archive
Re: X.509 / PKI, PGP, and IBE Secure Email Technologies
daemon@ATHENA.MIT.EDU (James A. Donald)
Tue Dec 27 17:16:06 2005
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
From: "James A. Donald" <jamesd@echeque.com>
To: cryptography@metzdowd.com
Date: Mon, 26 Dec 2005 09:37:00 -0800
In-reply-to: <43AFE8E4.9080808@garlic.com>
--
From: Anne & Lynn Wheeler
<lynn@garlic.com>
> as part of various integrity issues related to that
> process, there has been a proposal, somewhat backed by
> the ssl domain name certification authority industry
> that domain name owners also register a public key
> with the domain name infrastructure (in addition to
> identificaiton information). then future communcation
> can be digitally signed and verified with the onfile
> public key. also the ssl domain name certification
> authority industry can require that ssl domain name
> certificate applications be digitally signed. then the
> certification authority can replace the expensive,
> time-consuming, and error-prone identification
> matching process with a much less-expensive and
> efficient authentication process by doing a real-time
> retrieval of the on-file publickey from the domain
> name infrastructure for verifying the digital
> signature (in lieu of doing a real-time retrieval of
> the on-file identificaiton information for the
> expensive, time-consuming and error-prone
> identification matching).
Unfortunately most domain name registrars take a
completely irresponsible attitude to domain name theft,
despite the fact that domain name theft is a major
problem. OpenSRS is good but their resellers a very
bad. Unfortunately by default, one winds up having the
same password with OpenSRS as with the reseller.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
LA7xNzxuTFoXA1ir8b2UWqPg/P6NhF+naIs34+LG
49FONv1xLEWSjg/TiZ8oHGLHyCAhQLOM7CzPNCuTD
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
