should you trust CAs? (Re: dual-use digital signature vulnerability)

[Peter Gutmann]

Aram Perez <aramperez at mac.com> writes:

>I agree with Michael H. If you trust the CA to issue a cert, it's not that
>much more to trust them with generating the key pair.

Trusting them to safely communicate the key pair to you once they've generated
it is left as an exercise for the reader :-).

Peter.

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com