[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Common misconception #10. was RE: NEW Data type forcertificate

To: "Ed Gerck" <egerck@xxxxxxxxxxxxxxxxxxx>
Subject: RE: Common misconception #10. was RE: NEW Data type forcertificate
From: "Phillip M Hallam-Baker" <pbaker@xxxxxxxxxxxx>
Date: Fri, 9 Oct 1998 16:09:05 -0400
Cc: "Anders Rundgren" <anders.rundgren@xxxxxxxxxx>, <ietf-pkix@xxxxxxx>, "Einar Stefferud" <Stef@xxxxxxx>
Importance: Normal
In-reply-to: <>
Sender: owner-ietf-pkix@xxxxxxx

> My assertion was "every PKIX CA must inevitably disclaim all legal
> liability to the user" -- not to the subscriber.

A statement which is untrue, completely and utterly wrong.


> BTW, you did not show any counterarguments.

I believe that I countered your statement that a CPS cannot
be audited by stating that the ABA was working on audit standards
for that very purpose.

As an employee of the major CA on the Internet I am not going
to speculate on the future liabilities or insurance which might
be offered by VeriSign or any of its competitors here. The PKIX 
architecture does not prevent such products being offered or 
supported which was your claim.

I will merely remind people that five years ago folk were loudly
proclaiming that a public CA such as VeriSign was an impossibility.

		Phill

Follow-Ups:
- RE: Common misconception #10. was RE: NEW Data type forcertificate
  - From: Ed Gerck

References:
- RE: Common misconception #10. was RE: NEW Data type forcertificate
  - From: Ed Gerck

Prev by Date: RE: NEW Data type for certificate selection ?
Next by Date: RE: NEW Data type for certificate selection ?
Previous by thread: RE: Common misconception #10. was RE: NEW Data type forcertificate
Next by thread: RE: Common misconception #10. was RE: NEW Data type forcertificate
Index(es):
- Date
- Thread