RSA getting rid of trusted third parties?
Greg Rose
ggr at qualcomm.com
Fri Jun 21 16:50:58 EDT 2002
At 11:48 AM 6/21/2002 -0700, Ian Clelland wrote:
>The trust model doesn't break down just because anyone can create a
>valid X.509 certificate. There still has to be a valid chain of trust
>leading back to a trusted party (RSA, in this case). If that trust is
>abused, then RSA can revoke your cert and break the chain.
a) it isn't clear to me that RSA would have the right to revoke the
organisations certificate; maybe they build it into their license agreement.
b) browsers *don't check* the revocation status on certificates, and the
field that points to the server for the revocation list is almost never
filled in anyway.
Greg.
Greg Rose INTERNET: ggr at qualcomm.com
Qualcomm Australia VOICE: +61-2-9817 4188 FAX: +61-2-9817 5199
Level 3, 230 Victoria Road, http://people.qualcomm.com/ggr/
Gladesville NSW 2111 232B EC8F 44C6 C853 D68F E107 E6BF CD2F 1081 A37C
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at wasabisystems.com
More information about the cryptography
mailing list