17 Dec
2003
17 Dec
'03
11:17 p.m.
A lot of people seem to misunderstand the Verisign plan, they are not simply looking to be a CA, they are looking to help other people become CAs. There is clearly a usefull role for a company to do this. there is also a usefull role for two, or more. Question is how can Netscape (or anyone else) _securely_ allow an arbitrary CA's certificate to be used? Certainly the process cannot be automatic. Binding the Verisign public key into the browser may be an undesirable solution, but the problem is to think of a better one. Phill