Reasonable validation of a software package
Michael Froomkin
froomkin at law.miami.edu
Sat Jul 13 13:18:18 PDT 1996
This illustrates the need for and role of certification authorities.
See http://www.law.miami.edu/~froomkin/articles/trusted.htm for some
info.
On Sat, 13 Jul 1996, Lyal Collins wrote:
> This touches upon a favourite rant of mine.
[...]
> So, now you need to ensure that you can get your public key
> (to verify the digital signature with) in the hands of all
> your possible, or intended, recipients.
>
> Now the race is on for as many people as possible to generate
> PGP public keys/certificates bearing your name, or variations
> of it. Once that occurs, there is a fair chance that one of
> these keys will verfiy the digital signature on a piece of
> software purportedly from you. Still, not many people will have
> your true PGP public key/certificate, but, them's the breaks.
[...]
A. Michael Froomkin | +1 (305) 284-4285; +1 (305) 284-6506 (fax)
Associate Professor of Law |
U. Miami School of Law | froomkin at law.miami.edu
P.O. Box 248087 | http://www.law.miami.edu/~froomkin
Coral Gables, FL 33124 USA | It's hot here. And humid.
More information about the cypherpunks-legacy
mailing list