European Data Retention and Encryption for Dummies

Curt Smith objectpascal at yahoo.com
Tue Jun 4 06:26:54 PDT 2002


I strongly support your idea.  Although it would even be more
useful if you added:

c)  e-mail address user certs authenticated via confirmation
message sent to the e-mail address being certified
(as Lucky suggested)

d)  fully enable all certificates for all purposes, thereby
allowing the certificate to sign code.

I hope that you are able to implement this idea, as all efforts
to increase the volume of encryption on the internet will
ultimately increase privacy and show strong public support for
cryptography in general.

Curt

--- Tom <tom at lemuria.org> wrote:
> Hi everyone, I've been on this list before, but didn't have
> time for it for a while. Now I'm back because I need some 
> input: 
... 
> Setting up apache so that it does HTTPS instead of HTTP, and
> all requests to HTTP pages are redirected to a page pointing 
> to the HTTPS equivalent and explaining why is trivial.
> Getting the various MTAs to use SMTPS isn't too difficult,
> either.
> 
> The problem with both is the need of SSL certificates. So I
> was thinking of setting up a "Joe Doe's CA". A simple webpage
> where you can request a certificate. It would do two checks:
> 
> a) check if IP you are using is identical to the IP you are
> requesting for, i.e. you'll have to ssh into your webserver 
> and use lynx from there.
> 
> b) the certificate will be mailed to the admin-c of the
> domain you requested it for (whois lookup).
> 
> This is not 100% secure, but then again how much checking
> does Verisign really do on certificates? I believe this 
> is "good enough" in that it establishes a reasonable safety 
> that you are talking to the right site, at least much better
> than regular HTTP can offer.
> 
> The purpose of this is to get as many sites to switch to
> using HTTPS and SMTPS as possible. Therefore, the required 
> work must be kept minimal. Once considerable parts of the 
> internet traffic are encrypted, they can pass as many data 
> retention laws as they please.
>  
> Any comments? What did I miss? Where does this idea come
> apart? Does it make sense at all?
> 


=====
end
eof
.
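
The issuance checks discussed in this thread, (a) the source-address match and the mail confirmation in (b)/(c), sketched as an added example that is not part of either message. The secret, token lifetime, resolver table and all function names are assumptions, and the addresses are constructed documentation values.

```python
import hashlib
import hmac
import ipaddress
import time

SECRET = b"constructed-demo-secret"  # assumption: key held only by the CA
TOKEN_TTL = 3600                     # assumption: confirmation valid for 1 hour
# Constructed resolver data (documentation address ranges), so this runs offline.
DEMO_DNS = {"www.example.org": ["192.0.2.10", "2001:db8::10"]}

def demo_resolve(hostname):
    return DEMO_DNS.get(hostname.lower(), [])

def ip_matches(requester_ip, hostname, resolve):
    """Check (a): request must originate from an address the name resolves to."""
    try:
        src = ipaddress.ip_address(requester_ip)
    except ValueError:
        return False
    # Compare parsed addresses, not strings, so IPv6 spellings normalise.
    return any(src == ipaddress.ip_address(a) for a in resolve(hostname))

def _mac(email, subject, issued):
    msg = f"{email.lower()}|{subject.lower()}|{issued}".encode()
    return hmac.new(SECRET, msg, hashlib.sha256).hexdigest()

def make_token(email, subject, now=None):
    """Checks (b)/(c): token mailed to the address, bound to the certified name."""
    issued = int(time.time() if now is None else now)
    return f"{issued}.{_mac(email, subject, issued)}"

def token_valid(token, email, subject, now=None):
    now = time.time() if now is None else now
    try:
        issued_s, mac = token.split(".", 1)
        issued = int(issued_s)
    except ValueError:
        return False
    if not 0 <= now - issued <= TOKEN_TTL:
        return False  # expired, or dated in the future
    expected = _mac(email, subject, issued)
    return hmac.compare_digest(mac.encode(), expected.encode())

def may_issue(requester_ip, hostname, email, token, resolve, now=None):
    """Issue only when both the network check and the mail check pass."""
    return (ip_matches(requester_ip, hostname, resolve)
            and token_valid(token, email, hostname, now))
```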