Vulnerability Development mailing list archives
Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI
From: "Timothy J. Miller" <cerebus () SACKHEADS ORG>
Date: Wed, 23 Aug 2000 07:22:08 -0500
Dener Martins <dener () SERPRO GOV BR> writes:
There are other types of a certificate that have to be considered. For instance, the Brazilian Federal Government will issue a certificate that will force the subscriber (or tax contributor) to present himself to a notary, in order to be elegible to get such a e-certificate. This is one way to make harder to impersonate someone through an web certificate.
I think it needs to be made clear that what the initial paper was discussing was commercial certification authorities. Government-run CAs have alternate stronger personal authentication methods available to them that businesses (by US law at least) are prohibited from accessing. However, some proposed legislation would make such commercial certificates binding just as well as a government-issued certificate-- and therein lies the real risk.
Current thread:
- Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Eric Knight (Aug 15)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Pluto (Aug 17)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Eric Knight (Aug 18)
- Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI Dener Martins (Aug 22)
- Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI Timothy J. Miller (Aug 23)
- Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI Dener Martins (Aug 23)
- Re: Non-Mathmatical Forging of PKI Digital Certificates /Throwing Rocks at the PKI Alvin Foo (Aug 24)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Eric Knight (Aug 18)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Pluto (Aug 17)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Pluto (Aug 29)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Christoph Puppe (Aug 25)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Timothy J. Miller (Aug 25)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Lincoln Yeoh (Aug 26)
- Re: Non-Mathmatical Forging of PKI Digital Certificates / Throwing Rocks at the PKI Pluto (Aug 29)