Verisign gets export approval
Steve Schear
azur at netcom.com
Fri Jul 18 08:58:40 PDT 1997
> On Thu, 17 Jul 1997, Tom Weinstein wrote:
>>Lucky Green wrote:
>> Even if Communicator would never check CRL's, not even in the future,
>> the mere fact that the Global ID cert have only a one year lifetime
>> means anyone relying on Global ID can be held hostage by threatening
>> to refuse to renew their cert. The reader may not be aware that unlike
>> other certs, the Global ID certs are *only* issued by VeriSign. You
>> can not go to a non-US CA and obtain such a cert. [Which of course
>> would defy the whole purpose of this rather slick deal :-]
>
>Aren't all certs VeriSign issues only valid for one year? This isn't
>any different.
>
>There's nothing preventing another CA from getting permission from the
>USG to issue these magic certs. We would have to distribute a patch,
>but I don't see any problem with that.
There's probably no technical reason these patches must originate with
Netscape. Seems like a healthy cottage industry could spring up to supply
patch software to offshore companies which want magic certs w/o USG
approval.
--Steve
More information about the cypherpunks-legacy
mailing list