[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

(fwd) Netscape V2 and Certificates

--- begin forwarded text

From: John Hemming CEO MarketNet <[email protected]>
Date: Thu, 23 Nov 1995 18:54:36 PM PST
To: [email protected]
Mime-Version: 1.0
Subject: Netscape V2 and Certificates

We have now spent an interesting time looking at Netscape V2.

If you are interested in looking at V2 and how it relates to certificates
not signed by Verisign please take version 0.15b of Workhorse at  (Windows 3.1) switch on
the WWW server and try it out.

Basically the client allows an SSL link to a server "signed" by a CA
that it does not know ("EuroSign") the only problem being that if it
does not know the CA then it cannot check the signature.

I do think this is a major improvement, however, in that it raises
properly the issue of authentication of servers and makes it clear
that the client user should properly consider the server.

At the end of the day the commercial strengths of the server merchant and its
authorisation is more important than who has signed its certificate.  I can
happily obtain certificates for MarketNet even though there is a
US MarketNet Corp.  This is because I have a UK organisation called
MarketNet.  The name, therefore, is not in itself significant.

It is also interesting that Netscape will be checking the domain name in
the near future.  Realistically many people have a large number of
different domain names all pointing at the same server so a generic domain name
is likely to be the most common registration anyway.

At Eurosign.com we will be offering free Certification of a Keypair.  We
wish to ensure that further certification actually means something
commercially viable (eg a Bank regulated by the relevant organisation).
However, as our first offering we will be simply certifying that we have
received valid certificate requests. (they will be short term certs, however)

We have not fully allocated our domain name as yet (as far as I have
been told) although the experimental server (not advised for live use as
there are a number of flaws) was released today.  Eurosign's alpha
test site is at

--- end forwarded text

Robert Hettinga ([email protected])
e$, 44 Farquhar Street, Boston, MA 02131 USA (617) 958-3971
"Reality is not optional." --Thomas Sowell
The e$ Home Page: http://www.webstuff.apple.com/~vinnie/Rah
>>>>Phree Phil: Email: zld[email protected]  http://www.netresponse.com/zldf <<<<<