[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anonymous Auth Certificates [was: Re: Blinded Identities]

To: [email protected] (Hal Finney)
Subject: Re: Anonymous Auth Certificates [was: Re: Blinded Identities]
From: [email protected] (Steve Schear)
Date: Fri, 25 Oct 1996 23:37:00 -0700
Cc: [email protected]
Sender: [email protected]

>I don't see how authorization certificates solve this problem.  How
>would you determine if someone was qualified to receive an authorization
>certificate?  And what would you do to make them stop using the service
>if they abuse it, and to stop them from getting new authorization
>certificates?
>
>Thanks,
>Hal

I guess I was mistaken about how rigorous identification checking was
performed at various CAs.  Verisign used to advertise three levels of CA
checking, although I can only find two on their Web site at this time.  The
lowest, Class 1, is simply tied to your email address and is inadequate for
my purposes.  Class 2 Digital IDs provide identity assurance by requiring
third-party confirmation of your name, mailing address, and other personal
information.  Although by no means bullet-proof dependence on Class 2 might
be a workable alternative to a substantial, up-front, money escrow (as
suggested) which I believe would make my service unworkable.

-- Steve

Prev by Date: Re: http://www.clintongore96.com/ is hacked.
Next by Date: Re: slander and call for lawyers. :)
Prev by thread: Re: Anonymous Auth Certificates [was: Re: Blinded Identities]
Next by thread: SKIP cryptanalysis?
Index(es):
- Date
- Thread