Customs and Excise Electronic Returns

Dirk-Willem van Gulik dirkx at
Thu Sep 30 14:22:53 EDT 2004

On Thu, 30 Sep 2004, Ian Grigg wrote:

> PKI, and the Customs & Excise's, mistake was to assume that a
> key is only useful if it is signed by someone else.  From a

Right; that is often forgotten and very useful - as the dutch root PKI was
signed under rather dubious circumstances (and its safeguarding even more
circumspect) we recently guided a customer through essentially accepting
any customer key (plain, self signed or 3random rd party signed) and
simply got them into the habit of keeping lists of keys accepted (and the
mapping to -their- idea what identity it represents).

And all in all that maked things a lot more practical; and fitted
exactly with the existing paper work flow where they would accept based
on caller-ID and a password list.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at

More information about the cryptography mailing list