[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Auth]a couple of questions and suggestions

From: Norbert Sendetzky
Subject: Re: [Auth]a couple of questions and suggestions
Date: Fri, 13 Jul 2001 21:18:01 +0200

On Friday 13 July 2001 20:40, Norbert Sendetzky wrote:
> On Friday 13 July 2001 15:19, David Sugar wrote:
> > In certificate authorities, I recall that root certificates for each
> > authority must be distributed before certificates issued by that
> > authority can be used. This could present a problem and a means to
> > control and limit what indipendent authorities exist.  Imagine, for
> > example, if MS stuff like IE makes it even harder to load new CA root
> > certificates other than those originally issued with their IE base
> > distribution, and wipes out any add on ones every time you "upgrade". 
> > Also, the CA must then issue the individual certificates for everything
> > that is used and deployed, rather than users individually, as is the case
> > with gpg.
> This may be a real threat!

Sorry, I should think twice before I write once!
Like I mentioned before, if we use certs or public/private keys is irrelevant 
because the browser is only responsible for executing the plugin and 
displaying it. The auth data (cert or key) must be stored by the Auth.GNU 
service and not by the web browser.
But we have to use certificates anyway, because the transport of the data 
(request and reply) must be done in a secure way (encrypted). This should be 
no problem, even if Microsoft wants to make trouble.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]