[prev in list] [next in list] [prev in thread] [next in thread]
List: kde-core-devel
Subject: Re: Root Certificate integration of DFN-PCA
From: Neil Stevens <neil () qualityassistant ! com>
Date: 2002-02-21 19:50:19
[Download RAW message or body]
On Thursday February 21, 2002 11:44, Andreas Pour wrote:
> Just to clarify on this point a bit. The issue is one of legal
> authority. As you know, certificate issuers have procedures in place to
> verify that (i) the organization seeking the certificate is legitimate
> (easy in this case); (ii) that the organization has authorized the root
> certificate; and (iii) that the person submitting the root certificate
> is authorized to do so. Probably there is something else I'm missing,
> but those are the essential issues.
>
> With respect to a root certificate the issue is far more serious. There
> is no way for us to know you are who you claim to be, or, even if so,
> that you are authorized to provide your institution's root certificate.
> Verifying this entails certain legal procedures that we are ill-equipped
> to handle on our own. It's not that they would be overly complicated,
> but you can see the problem if, say, some cracker posing as an official
> convinced us to include a root certificate in the browser.
Do the ones already included in KDE meet this standard? Be consistent.
It's the only way to be fair.
--
Neil Stevens
neil@qualityassistant.com
Don't think of a bug as a problem. Think of it as a call to action.
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic