Re: trusted identities

Mark Bordas (Mark.Bordas@East)
Tue, 29 Apr 1997 17:26:56 -0400 (EDT)

Date: Tue, 29 Apr 1997 17:26:56 -0400 (EDT)
From: Mark Bordas <Mark.Bordas@East>
Subject: Re: trusted identities
To: Mark.Bordas@East, mrm@Eng, David.Brownell@Eng

I'm thinking in terms of customers who want to deliver
software to their customers over the internet. They
can easily create a certificate and make it available
to the customer, and they can somehow hide
the syntax of javakey to create the needed database.
I'm just trying to find out specifically what steps
to go through and where questions might arise.

mb

> Another set of issues is that although X509v1 certainly supports
> cert chaining (and it's relied on for SSL :-), we don't have CAs
> who will cut DSA certs yet. Yet it's DSA that's used in the code
> signing support today! So support for CAs in code signing can't
> be well developed yet. I'm not sure the models Microsoft and
> Verisign worked out are the best ones, though they're a start.