[19884] in bugtraq
Re: Verisign certificates problem
daemon@ATHENA.MIT.EDU (Wham Bang)
Wed Mar 28 00:50:17 2001
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-ID: <20010327163617.4995.qmail@web10004.mail.yahoo.com>
Date: Tue, 27 Mar 2001 08:36:17 -0800
Reply-To: Wham Bang <wham_bang@YAHOO.COM>
From: Wham Bang <wham_bang@YAHOO.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
Peter Gutmann <pgut001@CS.AUCKLAND.AC.NZ> wrote:
>
> Elias Levy <aleph1@SECURITYFOCUS.COM> writes:
>
> > Actually checking most of the CA certificates shipped with IE
> > less than half have a CPD field. Of the big CA only Entrust
> > seems to use the field.
>
> That's not surprising, they invented and, I believe, patented
> the thing.
Correct. And then, in the interest of standardization, offered
free licensing of the patent - an offer which was taken up by
many companies, including Verisign. You'd think they'd be using
it by now...
From a quick search of Entrust's Web site, one finds:
- http://www.entrust.com/news/files/04_23_98.htm (free license)
- http://www.entrust.com/news/files/11_02_98.htm (Microsoft,
Verisign et al license)
=====
Wham! <wham_bang@yahoo.com>
__________________________________________________
Do You Yahoo!?
Get email at your own domain with Yahoo! Mail.
http://personal.mail.yahoo.com/?.refer=text
