[541] in cryptography@c2.net mail archive
Re: John Kelsey's post re Protocols Workshop
daemon@ATHENA.MIT.EDU (William S. Frantz)
Tue Apr 15 01:21:30 1997
From: frantz@netcom.com (William S. Frantz)
To: hal@rain.org (Hal Finney)
Date: Mon, 14 Apr 1997 21:25:39 -0700 (PDT)
Cc: cryptography@c2.net
In-Reply-To: <199704140527.WAA03237@crypt.hfinney.com> from "Hal Finney" at Apr 13, 97 10:27:45 pm
> The example I had seen was not a case of revocation, but rather a case
> where a certificate with your name on a key has popped up from a CA you
> never heard of. The CA claims that you did in fact authorize the cert,
> but the paperwork was regrettably destroyed in a fire.... How do you
> distinguish this from the case where you really did hire the CA, then
> when the records were destroyed accidentally you realized you could
> steal things using the key and hope to avoid responsibility?
Why do you assume that just because a CA has issued a cert for a public
key, that the corresponding secret key holder had anything to do with it?
There is nothing preventing a CA from issuing a cert for any key it can
download from a public key server.
The statements from a CA flow from the CA to the key, not in reverse.
(Living with elm since Netcom has turned off eudora access due to a CERT
flap.)
-----------------------------------------------------------------
Bill Frantz Periwinkle -- Computer Consulting
(408)356-8506 16345 Englewood Ave.
frantz@netcom.com Los Gatos, CA 95032, USA
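
Added example, not part of the original message or of any real CA's code: a toy certificate in Go showing that issuing and verifying a cert touches only the CA's key pair and the subject's public key, so a valid cert is no evidence the key holder took part. The certificate format, the names and the holder-side consent signature are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Cert is a toy certificate (constructed format, not X.509).
type Cert struct {
	Name       string
	SubjectKey ed25519.PublicKey
	CASig      []byte
}

// tbs is the byte string the CA signs: fixed tag, name, 32-byte subject key.
func tbs(name string, key ed25519.PublicKey) []byte {
	return append([]byte("toy-cert-v1\x00"+name+"\x00"), key...)
}

// Issue uses the CA's private key and the subject's PUBLIC key only.
func Issue(caPriv ed25519.PrivateKey, name string, subjectPub ed25519.PublicKey) Cert {
	return Cert{Name: name, SubjectKey: subjectPub, CASig: ed25519.Sign(caPriv, tbs(name, subjectPub))}
}

// VerifyCert checks the CA's statement about the key, nothing more.
func VerifyCert(caPub ed25519.PublicKey, c Cert) bool {
	return ed25519.Verify(caPub, tbs(c.Name, c.SubjectKey), c.CASig)
}

// consentMsg is a hypothetical holder-side statement naming the CA and the cert body.
func consentMsg(caPub ed25519.PublicKey, c Cert) []byte {
	return append(append([]byte("holder-authorizes\x00"), caPub...), tbs(c.Name, c.SubjectKey)...)
}

// HolderConsented checks a signature made with the subject's own secret key.
func HolderConsented(caPub ed25519.PublicKey, c Cert, sig []byte) bool {
	return ed25519.Verify(c.SubjectKey, consentMsg(caPub, c), sig)
}

// Demo returns: cert verifies, consent check without the holder, consent check with the holder.
func Demo() (bool, bool, bool) {
	caPub, caPriv, _ := ed25519.GenerateKey(rand.Reader)
	holderPub, holderPriv, _ := ed25519.GenerateKey(rand.Reader)
	c := Issue(caPriv, "holder@example.test", holderPub) // CA saw only holderPub (constructed name)
	noSig := make([]byte, ed25519.SignatureSize)          // stand-in: the CA holds no holder signature
	sig := ed25519.Sign(holderPriv, consentMsg(caPub, c))
	return VerifyCert(caPub, c), HolderConsented(caPub, c, noSig), HolderConsented(caPub, c, sig)
}

func main() { fmt.Println(Demo()) }
```

The certificate verifies in every case; only the separate signature made with the holder's secret key says anything about the holder's involvement.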