At 7:15 PM 10/3/95, Carl Ellison wrote:

Yup. Verisign is probably going to fight hard to keep their certificate model. On top of them, there's the US Postal Service and a few others, fighting over the chance to set up a certificate hierarchy.

Almost needless to say, there is nothing particularly wrong with certificate-granting agencies. A big caveat: Providing the process is fully voluntary. (I'm not addressing issues of implementation, of the "X.509" messinesses, etc.) The big danger I see in all this talk of "certificate authorities" is that it won't be a voluntary process. (The same themes as with key escrow.) I'm not suggesting we waste our time arguing against such certificate authorities. Rather, we might better spend our time finding ways to monkeywrench the proposals. I don't want either the "Postal Service" or "Verisign" given the authority to approve or disapprove my identity or any identity I may choose to adopt. Isn't it about time for SAIC to acquire Verisign? --Tim May (Identity Subject to Approval) ---------:---------:---------:---------:---------:---------:---------:---- Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@got.net 408-728-0152 | anonymous networks, digital pseudonyms, zero Corralitos, CA | knowledge, reputations, information markets, Higher Power: 2^756839 | black markets, collapse of governments. "National borders are just speed bumps on the information superhighway."