[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certificate proposal

To: [email protected] (Jeff Weinstein)
Subject: Re: Certificate proposal
From: Adam Shostack <[email protected]>
Date: Thu, 5 Oct 1995 20:35:34 -0400 (EDT)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Jeff Weinstein" at Oct 5, 95 04:04:12 pm
Sender: [email protected]

Jeff Weinstein wrote:

|   I think the old idea of a certificate just binding a name and
| a key is turning out to not be very useful.  That is why Netscape
| Navigator 2.0 will support x509 version 3 certificates.  They allow
| arbitrary attributes to be signed into a certificate.  In this new
| world, you can think of a certificate as a way of binding a key with
| various arbitrary attributes, one of which may be(but is not
| required to be) a name.

	I'm a bit behind on the X.509 discussion, but does version 3
resist the attack Ross Anderson mentions in his 'Robustness Principles'
paper in Crypto '95?

	(The paper can be found in
ftp.cl.cam.ac.uk:/users/rja14/robustness.ps.Z  The wcf.ps.Z is his
'Why Cryptosystems Fail' paper, and both are well worth reading.)

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
					               -Hume

References:
- Re: Certificate proposal
  - From: Jeff Weinstein <[email protected]>

Prev by Date: Re: subjective names and MITM
Next by Date: Re: Certificate proposal
Prev by thread: Re: Certificate proposal
Next by thread: Re: Certificate proposal
Index(es):
- Date
- Thread