Re: it gets worse -- Microsoft warns of hijacked certificates
Michael Ströder <michael@stroeder.com> Fri, 23 March 2001 00:09 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id TAA27011 for <pkix-archive@odin.ietf.org>; Thu, 22 Mar 2001 19:09:30 -0500 (EST)
Received: from localhost by above.proper.com (8.9.3/8.9.3) with SMTP id QAA06927; Thu, 22 Mar 2001 16:08:59 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Thu, 22 Mar 2001 16:08:55 -0800
Received: from mailout01.sul.t-online.com (mailout01.sul.t-online.com [194.25.134.80]) by above.proper.com (8.9.3/8.9.3) with ESMTP id QAA06892 for <ietf-pkix@imc.org>; Thu, 22 Mar 2001 16:08:53 -0800 (PST)
Received: from fwd04.sul.t-online.com by mailout01.sul.t-online.com with smtp id 14gF8H-0004OK-00; Fri, 23 Mar 2001 01:08:45 +0100
Received: from junker.ms.inka.de (520010731148-0001@[217.1.24.32]) by fmrl04.sul.t-online.com with esmtp id 14gF8F-0ktO64C; Fri, 23 Mar 2001 01:08:43 +0100
Received: from stroeder.com (localhost [127.0.0.1]) by junker.ms.inka.de (Postfix) with ESMTP id D346E67C7C for <ietf-pkix@imc.org>; Fri, 23 Mar 2001 01:08:39 +0100 (CET)
Sender: michael@ms.inka.de
Message-ID: <3ABA9407.9E883B88@stroeder.com>
Date: Fri, 23 Mar 2001 01:08:39 +0100
From: Michael Ströder <michael@stroeder.com>
Reply-To: michael@stroeder.com
Organization: stroeder.com
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.18 i686)
X-Accept-Language: de-DE, de, en
MIME-Version: 1.0
To: "ietf-pkix@imc.org" <ietf-pkix@imc.org>
Subject: Re: it gets worse -- Microsoft warns of hijacked certificates
References: <3ABA8BBC.25412B54@nma.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
X-Sender: 520010731148-0001@t-dialin.net
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Content-Transfer-Encoding: 7bit
Ed Gerck wrote: > > "A field in every certificate should indicate the CRL Distribution Point > (CDP) - the location from which the CRL can be obtained. The problem is > that VeriSign code-signing certificates leave the CDP information blank. My intention always was that in current PKIX specs too many things are optional. Instead of discussing additional optional extensions (e.g. logos) we should discuss how to build a secure and easy-to-implement PKI system by making more details mandantory or leave them out completely. Ciao, Michael.
- it gets worse -- Microsoft warns of hijacked cert… Ed Gerck
- Re: it gets worse -- Microsoft warns of hijacked … Michael Ströder