S/MIME and web of trust (was Re: NAI pulls out the DMCA stick)
jamesd at echeque.com
jamesd at echeque.com
Sat May 25 15:44:29 PDT 2002
--
Having been the verisign guy at a couple of companies, it appears
to me that the administrative costs of both models are
unacceptably high.
The hierarchical verisign model is useful when one wishes to
verify that something comes from a famous and well known name --
that this software really is issued by Flash, that this website
really does belong to the Bank of America. In this case, however,
only famous and well known names need their keys from verisign.
No one else needs one.
When one wishes to know one is really communicating with Bob, it
is best to use the same channels to verify this is Bob's key, as
one used to verify that Bob is the guy one wishes to talk to. The
web of trust, and Verisign, merely get in the way.
--digsig
James A. Donald
6YeGpsZR+nOTh/cGwvITnSR3TdzclVpR0+pr3YYQdkG
xkCkA0o8/Z61jfLQ1GxttqqvOUL5cRcKXhnoSRp2
4530ol1PGEfGac3Gmk2JosCmoRLyj96HAEp0EUGLT
More information about the cypherpunks-legacy
mailing list