[3653] in cryptography@c2.net mail archive
Re: DCSB: Risk Management is Where the Money Is; Trust in
daemon@ATHENA.MIT.EDU (David Hayes)
Mon Nov 16 18:34:01 1998
Date: Mon, 16 Nov 1998 09:42:14 -0600
To: Ian BROWN <I.Brown@cs.ucl.ac.uk>, Enzo Michelangeli <em@who.net>
From: David Hayes <david.hayes@mci.com>
Cc: cryptography <cryptography@c2.net>
In-Reply-To: <516.910954564@cs.ucl.ac.uk>
At 10:56 AM 11/13/98 +0100, Ian BROWN wrote:
> [description of UK's OFTEL plan to license CA's and require that they
> escrow any encryption keys they certify.]
>
>Oh, and CAs aren't allowed to be licensed for certifying signature-only keys
>but unlicensed for certifying encryption-capable keys.
Sounds like a CA could avoid a significant paperwork load by simply
declaring (and enforcing) a policy that it would only certify
signature-only keys.
Or am I missing something obvious here?
--
David Hayes David.Hayes@MCI.Com
Switch Systems Planning & Engineering voice: 972-729-7236
MCI Communications, Inc. VNET: 777-7236
--If these thoughts were MCI's official opinions, the line above would
--read "MCI - Law & Public Policy Department".
