Anonymous certificates
Date: Fri, 18 Aug 1995 14:47:55 -0400 (EDT)
From: Michael Froomkin <mfroomki@umiami.ir.miami.edu>
Subject: Certificates/Anonymity/Policy/True Names
Now the issue arises as to whether one should allow the CA to issue certificates to pseudonyms where it has *no record* of the real identity of the person proffering the key pair. Is there any reason why a person would want such a certificate? In other words, given that the recipient of a digital signature will easily be able to check the value of the certificate (nil), won't the transaction/communication be in all ways identical to one where there was no certificate at all? So is anything of value lost by prohibiting such a certificate?
There are definitely cases where something is lost by prohibiting that kind of certificate. For example, there may be cases where a certified key gives someone some right that doesn't need any further identification, such as a right to run up $100 in phone bills, or a right to receive a year's subscription to cp-lite. As long as the person has paid for that right, who cares who he or she is? In other words, you may wind up sometimes binding a key to a function, rather than a person.
A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law | mfroomki@umiami.ir.miami.edu
U. Miami School of Law |
P.O. Box 248087 | It's hot here. And humid.
Coral Gables, FL 33124 USA |
--John Kelsey, jmkelsey@delphi.com
PGP 2.6 fingerprint = 4FE2 F421 100F BB0A 03D1 FE06 A435 7E36
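The idea in the reply above, binding a key to a function rather than a person, sketched as an added example that is not part of the original message: a CA signs a (right, key) pair with no name attached, and a service grants the right to whoever proves control of that key. The `Cert` layout, the function names, the right strings and the choice of Ed25519 are all assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"fmt"
)

// Cert binds a public key to a right, not to a name (field names are assumptions).
type Cert struct {
	Key   ed25519.PublicKey // holder's key; no identity is recorded
	Right string            // constructed sample: "phone-credit:USD100"
	Sig   []byte            // CA signature over tag || Right || Key
}

func msg(tag, right string, rest []byte) []byte {
	return append([]byte(tag+"\x00"+right+"\x00"), rest...)
}

func newKey() (ed25519.PublicKey, ed25519.PrivateKey) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return pub, priv
}

// Issue is the CA's step once the right has been paid for.
func Issue(ca ed25519.PrivateKey, holder ed25519.PublicKey, right string) Cert {
	return Cert{holder, right, ed25519.Sign(ca, msg("cert", right, holder))}
}

// Prove is the holder's step: sign the service's fresh nonce for this right.
func Prove(holder ed25519.PrivateKey, right string, nonce []byte) []byte {
	return ed25519.Sign(holder, msg("proof", right, nonce))
}

// Authorize is the service's check; no name is consulted at any point.
func Authorize(caPub ed25519.PublicKey, c Cert, want string, nonce, proof []byte) bool {
	return c.Right == want && len(c.Key) == ed25519.PublicKeySize &&
		ed25519.Verify(caPub, msg("cert", c.Right, c.Key), c.Sig) &&
		ed25519.Verify(c.Key, msg("proof", want, nonce), proof)
}

func main() {
	caPub, caPriv := newKey()
	pub, priv := newKey()
	cert, nonce := Issue(caPriv, pub, "phone-credit:USD100"), []byte("constructed-nonce")
	fmt.Println(Authorize(caPub, cert, cert.Right, nonce, Prove(priv, cert.Right, nonce)))
}
```

The certificate's value to the service comes entirely from the CA's signature over the right; a holder who alters the right or replays an old proof against a new nonce is refused.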