CFP: PKI research workshop
Eric Rescorla
ekr at rtfm.com
Mon Jan 14 10:10:21 EST 2002
<pasward at big.uwaterloo.ca> writes:
> Eric Rescorla writes:
> > Ben Laurie <ben at algroup.co.uk> writes:
> > > And most (all?) commercial CAs then disclaim any responsibility for
> > > having actually checked that right correctly...
> > While this is true, I'd point out that all the security software
> > you're using disclaims any responsibility for not having gaping
> > security holes.
>
> If an automaker disclaimed liability for a vehicle, and a negligent
> design or manufacture resulted in injury or loss, it is my
> understanding that the liability disclaimer notwithstanding, the
> automaker would be held responsible. Why do we believe that the same
> would not be the case for software?
In that case, why should the liability also apply to CAs, despite their
disclaimers?
-Ekr
--
[Eric Rescorla ekr at rtfm.com]
http://www.rtfm.com/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list