tomw@orac.engr.sgi.com (Tom Weinstein) writes:
In article <DG06FE.IA8@sgi.sgi.com>, Hal <hfinney@shell.portal.com> writes:
OK, so suppose I want to send my credit card number to Egghead Software. I get one of these new-fangled certificates from somebody, in which VeriSign has certified that key 0x12345678 has hash 0x54321. I think we can agree that by itself this is not useful. So, it will also bind in some attribute. What will that attribute be?
Um, just a wild guess, but... your credit card number maybe? (Well, okay, its hash.)
I may not have been clear: the certificate I was referring to was the one from Egghead, the one which I will use to make sure that I have a valid key for Egghead. Such a certificate would of course not have my credit card number; it would probably have some information related to Egghead. My rhetorical point was that information would most plausibly be a NAME by which I would refer to Egghead. I am still trying to understand how these proposals to take names out of the picture will apply to a commonplace situation like this one. Hal