[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: X.509 certs that don't guarantee identity

To: "Michael A. Atzet" <[email protected]>
Subject: Re: X.509 certs that don't guarantee identity
From: Jeff Weinstein <[email protected]>
Date: Thu, 29 Feb 1996 17:30:16 -0800
Cc: [email protected]
Organization: Netscape Communications Corp.
References: <[email protected]> <[email protected]> <[email protected]>
Reply-To: [email protected]
Sender: [email protected]

Michael A. Atzet wrote:
> How will Navigator differentiate between the different level certs? I am not
> aware of any fields in the cert itself that designate what level it is.
> I know that the subject info would "look" different for a persons name vs.
> email address vs commom name.

  The navigator will not differentiate them.  We build in a default set of
CA certificates into the navigator, and then allow the user to modify them as
they see fit based on their local trust policy.  The default set of CAs that
we ship with our product will not include the verisign level 1&2 CAs as trusted
SSL Server CAs.

	--Jeff

-- 
Jeff Weinstein - Electronic Munitions Specialist
Netscape Communication Corporation
[email protected] - http://home.netscape.com/people/jsw
Any opinions expressed above are mine.

References:
- X.509 certs that don't guarantee identity
  - From: Alex Strasheim <[email protected]>
- Re: X.509 certs that don't guarantee identity
  - From: Jeff Weinstein <[email protected]>
- Re: X.509 certs that don't guarantee identity
  - From: "Michael A. Atzet" <[email protected]>

Prev by Date: Re: "Louis Freeh is a Cocksucker"
Next by Date: RE: Possible Java hack
Prev by thread: Re: X.509 certs that don't guarantee identity
Next by thread: How to digitally watermark
Index(es):
- Date
- Thread