Another entry in the internet security hall of shame....

R.A. Hettinga rah at shipwright.com
Thu Aug 25 16:28:25 EDT 2005


At 9:42 AM -0400 8/25/05, Trei, Peter wrote:
>Self-signed certs are only useful for showing that a given
>set of messages are from the same source - they don't provide
>any trustworthy information as to the binding of that source
>to anything.

Oddly enough, the same could be said for a hierarchically signed certificate.

;-)

Cheers,
RAH

-- 
-----------------
R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list