Skip to Content.
Sympa Menu

cacert-policy - Re: [CAcert-Policy] Privacy in CAcert

Subject: Policy-Discussion

List archive

Re: [CAcert-Policy] Privacy in CAcert


Chronological Thread 
  • From: Ian G <iang AT systemics.com>
  • To: Policy-Discussion <cacert-policy AT lists.cacert.org>
  • Subject: Re: [CAcert-Policy] Privacy in CAcert
  • Date: Wed, 17 Jan 2007 18:05:45 +0100
  • List-archive: <http://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
  • List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
Duane wrote:
Sven Anderson wrote:

But for what do you need a higher uniqueness than that of the data in
certificates?

Because the certificate identifies an entity, not the other way round,
since an entity can have multiple certificates for multiple things.


The certificate names an entity. That entity name can have clashes. There can be many John Smiths born every day, although less these days.

My point was that if ever there were two John Smiths issued by CAcert, CAcert itself would not be fooled in the event of a dispute: you would simply chase the cert serial number back to the account and that would provide the right "John Smith."

(How that effects other people is another question, but they have no more info anyway, without resort to DR.)

iang


Archive powered by MHonArc 2.6.16.

Top of Page