[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PGP, Inc.



[Actually talking about VeriSign certs]

On Thu, 9 May 1996, Lucky Green wrote:

> At 23:10 5/9/96, E. ALLEN SMITH wrote:
> 
>>        The first level, in other words, is less of a certification than a
>>PGP key with self-signature and signature from one other person. It
>>doesn't have _any_ effort to verify that the email address stated on it
>>is the actual email address of that nym. Or am I misinterpreting you?

For the first level, this is correct. I didn't even see an AUP
discouraging spoofing.

> I was on a panel with a representative from VeriSign at Interop in Las
> Vegas. He said that uniqueness was the only requirement for the first level
> of cert. I don't have any information beyond that.

Just visit www.verisign.com with the Netscape 3.x beta and see.

-rich