Certificate proposal
Hal
hfinney at shell.portal.com
Thu Oct 5 21:20:34 PDT 1995
tomw at orac.engr.sgi.com (Tom Weinstein) writes:
>In article <DG06FE.IA8 at sgi.sgi.com>, Hal <hfinney at shell.portal.com> writes:
>> OK, so suppose I want to send my credit card number to Egghead Software.
>> I get one of these new-fangled certificates from somebody, in which
>> VeriSign has certified that key 0x12345678 has hash 0x54321. I think we
>> can agree that by itself this is not useful. So, it will also bind in
>> some attribute. What will that attribute be?
>Um, just a wild guess, but... your credit card number maybe? (Well,
>okay, its hash.)
I may not have been clear: the certificate I was referring to was the one
from Egghead, the one which I will use to make sure that I have a valid
key for Egghead. Such a certificate would of course not have my credit
card number; it would probably have some information related to Egghead.
My rhetorical point was that information would most plausibly be a NAME
by which I would refer to Egghead. I am still trying to understand how
these proposals to take names out of the picture will apply to a
commonplace situation like this one.
Hal
More information about the cypherpunks-legacy
mailing list