Subject: Policy-Discussion
List archive
Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC
Chronological Thread
- From: IanG <iang AT cacert.org>
- To: Policy-Discussion <cacert-policy AT lists.cacert.org>
- Subject: Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC
- Date: Sun, 19 Oct 2008 19:27:57 +0200
- List-archive: <https://lists.cacert.org/cgi-bin/mailman/private/cacert-policy>
- List-id: Policy-Discussion <cacert-policy.lists.cacert.org>
Peter Williams wrote:
>
>> http://yorkporc.spaces.live.com/blog/cns!5061D4609325B60!317.entry
> Yes; you mere pleb. But beware. The missive later carefully discloses
> that pleb I am, still - since I failed the oral exam.... Didn’t only
> fail, it was a case of throw the damn dissertation back at me as
> heretical, and don’t come back in these hallowed halls till you repent
> and sayeth only the approved things about PKI (like its world is as
> flat...as a dutiful marine’s haircut).
We are all heretics here. We all strive to be more heretical than
the next guy, so you'll have to do better than that to stand out ;)
But, yes, jokes aside. I see.
> Hmmm... your description of validating authorities is interesting.
> It seems to me that this would apply even to a software agent such
> as a browser that took over most of the relying party
> responsibilitie by dint of its display choices, and its verification
> & validation activities. E.g., Firefox as a Validattion Authority.
> ...
> Absolutely. Cert path process itself merely the “standardized” component
> of validity checking. They term following that algorithm ”processing” -
> to distinguish its procedures from CPS-specific validity procedures.
OK ... re-reading it again, I now suspect that you propose the term
"validation" as applying the entire user / relying party /
certificate examination process. (And of that, we have "processing"
as a subcomponent of the user process as specified in the CPS).
Which leaves verification as applying to the issuance process and
the CA's activities.
I'm happy to adopt that ! It helps in the definitions in the CPS
(although most of the audience will think we are mad :)
One question. does validation apply to:
the user's entire reliance process, including the way she asks
her next door neighbour whether ebay is a safe place to buy widgets,
asking the BBB, reading the TrustMe logo on the site, etc etc.
OR
just the user's certificate-obsessed analysis, by checking the
chain, checking the name is the same, checking expiry, CRL, any
liability limits as per those nice euro qualified certs, etc?
> And, then, what was the first OpenID provider ? … a firefox plugin,
> enforcing a validity model in the midst of an sso handoff between two
> server-side sites, over two backtoback (SSL) channels mediated by the
> browser/plugin.
>
>
>
> A new world following on from pure PKI is emerging, nicely.
>
>
>
> The CACert community would easily add OpenId to its repertoire.
Yep. Sometime. Well, maybe. A lot depends on whether the mission
is tight & focussed ("run a CA") or broad and general ("protect
members"). Another debate!
iang
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, (continued)
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, IanG, 10/16/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Sam Johnston, 10/20/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Philipp Dunkel, 10/16/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Tomáš Trnka, 10/17/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Sam Johnston, 10/18/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Philipp Dunkel, 10/18/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/18/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, IanG, 10/18/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/19/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, IanG, 10/19/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Sam Johnston, 10/20/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, IanG, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/21/2008
- [CAcert-Policy] EV stuff, IanG, 10/21/2008
- Re: [CAcert-Policy] EV stuff, Peter Williams, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Greg Stark, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, Peter Williams, 10/21/2008
- Re: [CAcert-Policy] CPS bugs. Vote please. Colosing date of votes21 October 12pm UTC, IanG, 10/21/2008
Archive powered by MHonArc 2.6.16.