[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Verisign gets export approval

To: Tom Weinstein <[email protected]>
Subject: Re: Verisign gets export approval
From: Steve Schear <[email protected]>
Date: Fri, 18 Jul 1997 08:44:01 -0700
Cc: Lucky Green <[email protected]>, [email protected]
In-Reply-To: <[email protected]>
References: <Pine.3.89.9707171711.A10551-0100000@netcom2>
Sender: [email protected]


> On Thu, 17 Jul 1997, Tom Weinstein wrote:
>>Lucky Green wrote:
>> Even if Communicator would never check CRL's, not even in the future,
>> the mere fact that the Global ID cert have only a one year lifetime
>> means anyone relying on Global ID can be held hostage by threatening
>> to refuse to renew their cert. The reader may not be aware that unlike
>> other certs, the Global ID certs are *only* issued by VeriSign. You
>> can not go to a non-US CA and obtain such a cert. [Which of course
>> would defy the whole purpose of this rather slick deal :-]
>
>Aren't all certs VeriSign issues only valid for one year?  This isn't
>any different.
>
>There's nothing preventing another CA from getting permission from the
>USG to issue these magic certs.  We would have to distribute a patch,
>but I don't see any problem with that.

There's probably no technical reason these patches must originate with
Netscape.  Seems like a healthy cottage industry could spring up to supply
patch software to offshore companies which want magic certs w/o USG
approval.

--Steve

References:
- Re: Verisign gets export approval
  - From: Lucky Green <[email protected]>
- Re: Verisign gets export approval
  - From: Tom Weinstein <[email protected]>

Prev by Date: No Subject
Next by Date: Re: "Time to Walk the Walk down the Gang Plank"
Prev by thread: Re: Verisign gets export approval
Next by thread: Re: Verisign gets export approval
Index(es):
- Date
- Thread