[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Monkeywrenching Certificate Schemes

At 7:15 PM 10/3/95, Carl Ellison wrote:

>Yup.  Verisign is probably going to fight hard to keep their certificate
>model.  On top of them, there's the US Postal Service and a few others,
>fighting over the chance to set up a certificate hierarchy.

Almost needless to say, there is nothing particularly wrong with
certificate-granting agencies. A big caveat: Providing the process is fully

(I'm not addressing issues of implementation, of the "X.509" messinesses, etc.)

The big danger I see in all this talk of "certificate authorities" is that
it won't be a voluntary process. (The same themes as with key escrow.)

I'm not suggesting we waste our time arguing against such certificate
authorities. Rather, we might better spend our time finding ways to
monkeywrench the proposals.

I don't want either the "Postal Service" or "Verisign" given the authority
to approve or disapprove my identity or any identity I may choose to adopt.

Isn't it about time for SAIC to acquire Verisign?

--Tim May (Identity Subject to Approval)

Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
Corralitos, CA              | knowledge, reputations, information markets,
Higher Power: 2^756839      | black markets, collapse of governments.
"National borders are just speed bumps on the information superhighway."