At 1:13 PM -0700 7/10/07, Douglas Otis wrote:
On Jul 8, 2007, at 10:34 PM, Eliot Lear wrote:
This can be said of any technology that is poorly managed.
So, you merely believe that the infrastructure of PKI is well managed.
In all but a single instance I have no evidence to the contrary.
The one case of an exploit was extremely well publicized and
ameliorated within days. And that was years ago.
Trust Models.
Once a CA is vetted, it can be leveraged as a point of trust. The
trust is of an association with a URL validated by the certificate.
your reference to a URL is a very specialized (not generic)
description of how one might interpret the security services
associated with a CA.
Steve
_______________________________________________
Ietf@xxxxxxxx
https://www1.ietf.org/mailman/listinfo/ietf