PGP, Inc.
Rich Graves
llurch at networking.stanford.edu
Sat May 11 00:25:27 PDT 1996
[Actually talking about VeriSign certs]
On Thu, 9 May 1996, Lucky Green wrote:
> At 23:10 5/9/96, E. ALLEN SMITH wrote:
>
>> The first level, in other words, is less of a certification than a
>>PGP key with self-signature and signature from one other person. It
>>doesn't have _any_ effort to verify that the email address stated on it
>>is the actual email address of that nym. Or am I misinterpreting you?
For the first level, this is correct. I didn't even see an AUP
discouraging spoofing.
> I was on a panel with a representative from VeriSign at Interop in Las
> Vegas. He said that uniqueness was the only requirement for the first level
> of cert. I don't have any information beyond that.
Just visit www.verisign.com with the Netscape 3.x beta and see.
-rich
More information about the cypherpunks-legacy
mailing list