From: IN%"shamrock@netcom.com" 9-MAY-1996 23:02:01.67
At 19:37 5/9/96, E. ALLEN SMITH wrote:
I can see some fascinating legal questions with what, exactly, a VeriSign certificate obligates the company for. Digital signature laws should get interesting - any application of this to the Utah one?
VeriSign is going to offer four levels of certs. The first requires only uniqueness. For the other three levels, VeriSign will require more and better assurances of the correctness of True Name stated on the cert. I don't know what form these assurances are supposed to take.
The first level, in other words, is less of a certification than a PGP key with self-signature and signature from one other person. It doesn't have _any_ effort to verify that the email address stated on it is the actual email address of that nym. Or am I misinterpreting you? -Allen