[612] in WWW Security List Archive
Re: Netscape Changes RSA tree
daemon@ATHENA.MIT.EDU (Rens Troost)
Sat Apr 22 13:40:22 1995
To: wcs@anchor.ho.att.com
Cc: www-security@ns2.rutgers.edu
In-Reply-To: Your message of "Sat, 22 Apr 1995 01:08:27 PDT."
<9504220808.AA15319@anchor.ho.att.com>
Reply-To: rens@imsi.com
Date: Sat, 22 Apr 1995 10:44:44 -0400
From: Rens Troost <rens@imsi.com>
Errors-To: owner-www-security@ns2.rutgers.edu
>>>>> "wcs" == wcs <wcs@anchor.ho.att.com> writes:
wcs> Hierarchical certification is often not appropriate.
wcs> Generality is good, and it's not much harder than hierarchy,
wcs> and it's a much better thing to build into a tool that will be
wcs> widely used.
This is right on the mark. Would any of the major vendors on this list
care to comment on the direction they plan to take w/r/t certificates
and de-hierarchifying? The strict heirarchical trust model is a serious
impediment to actually getting secure commerce going; it's a barrier
to entry, pure and simple.
-Rens
