This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/

[db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database

Previous message (by thread): [db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database
Next message (by thread): [db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Joao Damas joao at psg.com
Thu Jul 17 16:30:40 CEST 2003

On Thursday, Jul 17, 2003, at 13:48 Europe/Amsterdam, Randy Bush wrote:

>>> someone getting at the root CA key at an RIR
>> There would still be the very similar issue of someone getting at the
>> certificate that the RIR bought from the third party CA.
>
> no, as that would not be installed in my browser to be absolutely
> trusted.
>

If the certificate that signs other certificates is compromised, the 
trust in the signed certificates is gone because you won't be able to 
know if new certificates have been generated by non-legitimate parties.

Joao

Previous message (by thread): [db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database
Next message (by thread): [db-wg] Re: [ncc-services-wg] X.509 authentication in the RIPE Database

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

[ db-wg Archives ]