CAcert Code Development list.

[Ian G <iang AT cacert.org>]

On 17/03/2010 09:32, Dieter Hennig wrote:
> Dear all,
>
> nevertheless, you can discuss different models, how organization members
> will arrange the problem of private keys to keep central  (secret) or
> not, the use of CSRs for Client-certificates as one choice to use is
> important for us.
>
>
>
> Mathieu Simon schrieb am 16.03.2010 06:04:
> > may someone have a look at my code?
> >
> > If it goes into the right direction I could provide a patch for the
> > original file last send one is rather a design draft with some
> > thoughts and comments.
>
> This is the natural practical point of view.
>
> And please do not stress the organization members to much about which
> way they use.
>
> Organization members like we are under control of parliaments control
> groups, we have to fulfill national laws and we have to think about the
> motivation of our (international) staff members.


What laws are you referring to here?  The general sense of digsig laws 
around the world is that they are badly understood and marketed by those 
who have confused interests.  I'm not saying that Switzerland has fallen 
to this, but the EU certainly has, and I suspect it is likely that 
Switzerland has passed the digsig directive into local law.

The general sense of the digsig directive does not require certificates 
to be created only by the individuals using them.

But to resolve this issue, can someone post the English version of the 
digsig law for Switzerland, so we can read it and compare it to the 
others?  Also, any other laws that might speak to the issue of keys.



> In other countries and for other organization members the situation
> would be another, please give them the choice as Mathieu suggested.


So far, I do not think either choice is ruled out necessarily.  The 
problem I see is that there is no policy backing.


iang

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature