[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Legal entities who sign

To: "Anders Rundgren" <anders.rundgren@xxxxxxxxx>, <ietf-pkix@xxxxxxx>, "J Adrian Pickering" <jap@xxxxxxxxxxxxxxx>, "Ing. Raffaello Galli" <r.galli@xxxxxxxxxxx>
Subject: Re: Legal entities who sign
From: "Jimi Thompson" <jimit@xxxxxxxxxxx>
Date: Sun, 3 Nov 2002 18:30:40 -0800
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <> <> <>
Reply-to: "Jimi Thompson" <jimit@xxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Anders and others,

I tend to agree with you.  There needs to be a legally and probably
governmentally recognized issuing body for the certificates, for a couple of
reasons.  First off, it will halt any squabbling over who the ultimate CA is
going to be.  I also think that this responsibility should move away from
commercial CA's since they have a financial incentive to issue as many certs
as possible and not that much incentive for verification.  In addition, I
find that the fees that they charge are quite high and might prohibit
participation from certain areas of the world.  I think that the Post Office
is probably fairly wise since they tend to be highly physically available in
most parts of the world.   I think that the only thing that's really missing
is a DNS-like standard which would allow verification of authenticity,
parameters of validity, or revocation.

Another 2 cents,

Jimi Thompson

References:
- Legal entities who sign
  - From: Anders Rundgren
- Re: Legal entities who sign
  - From: Jimi Thompson
- Re: Legal entities who sign
  - From: Anders Rundgren

Prev by Date: Criticality and SCVP Extensions
Next by Date: RE: Criticality and SCVP Extensions
Previous by thread: Re: Legal entities who sign
Next by thread: Re: Legal entities who sign
Index(es):
- Date
- Thread