17 Dec
2003
17 Dec
'03
11:17 p.m.
| C) Don't settle for less than X.509 ver 3, because this allows the | certificate to carry within it a reference to the location of the CRL | list. Use that feature. Does X.509 version 3 fix the problem that Ross Anderson points out in his 'Robustness Principles' paper? (Crypto '95 proceedings, or ftp.cl.cam.ac.uk/users/rja14/robustness.ps.Z) Its an excellent paper, well worth reading, but the basic problem is that X.509 encrypts before signing. Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume