[8121] in cryptography@c2.net mail archive
Re: Public Key Infrastructure: An Artifact...
daemon@ATHENA.MIT.EDU (Mark Scherling)
Thu Nov 23 18:14:16 2000
Message-ID: <3A1D52E3.7CE8638F@xcert.com>
Date: Thu, 23 Nov 2000 09:24:51 -0800
From: Mark Scherling <mscherling@xcert.com>
MIME-Version: 1.0
To: Bram Cohen <bram@gawth.com>
Cc: Lynn.Wheeler@firstdata.com, "Arnold G. Reinhold" <reinhold@world.std.com>,
Ben Laurie <ben@algroup.co.uk>, obfuscation@beta.freedom.net,
cryptography@c2.net, cypherpunks@cyberpass.net, dcsb@ai.mit.edu
Content-Type: multipart/mixed;
boundary="------------227F0EE562368F47E073E73A"
This is a multi-part message in MIME format.
--------------227F0EE562368F47E073E73A
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
I would like to get further information as to why you don't think revocation does
not work? I'll admit that in the case of the revocation of Sun's certificates, it
was very apparent that the notification process was weak. The other piece, the
browser checking of expired/revoked certificates is non-existent but if you properly
set up your application, it "should" check the revocation status of both the CA
certificate and the subscriber's certificate.
Your thoughts?
Bram Cohen wrote:
> On Wed, 22 Nov 2000 Lynn.Wheeler@firstdata.com wrote:
>
> > the other scenerio that some certification agencies have expressed (i.e.
> > licensing bureaus, bbb, consumer report, etc operations) is that in the online
> > world ... that they would provide an online service .... rather than
> > certificates designed for an offline world.
>
> Yes, it seems fairly well established that revocations just plain don't
> work.
>
> Once again, the solution to the problems of offline operation appears to
> be online operation.
>
> -Bram Cohen
>
> For help on using this list (especially unsubscribing), send a message to
> "dcsb-request@reservoir.com" with one line of text: "help".
--------------227F0EE562368F47E073E73A
Content-Type: text/x-vcard; charset=us-ascii;
name="mscherling.vcf"
Content-Transfer-Encoding: 7bit
Content-Description: Card for Mark Scherling
Content-Disposition: attachment;
filename="mscherling.vcf"
begin:vcard
n:Scherling;Mark
x-mozilla-html:FALSE
adr:;;;;;;
version:2.1
email;internet:mscherling@xcert.com
note;quoted-printable:"Validate so you can trust,=0D=0AAccreditate so we can trust"
fn:Mark Scherling
end:vcard
--------------227F0EE562368F47E073E73A--
