Re: it gets worse -- Microsoft warns of hijacked certificates
Michael Ströder <michael@stroeder.com> Fri, 23 March 2001 00:09 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39])
by ietf.org (8.9.1a/8.9.1a) with SMTP id TAA27011
for <pkix-archive@odin.ietf.org>; Thu, 22 Mar 2001 19:09:30 -0500 (EST)
Received: from localhost by above.proper.com (8.9.3/8.9.3) with SMTP id
QAA06927; Thu, 22 Mar 2001 16:08:59 -0800 (PST)
Received: by mail.imc.org (bulk_mailer v1.12); Thu, 22 Mar 2001 16:08:55 -0800
Received: from mailout01.sul.t-online.com (mailout01.sul.t-online.com
[194.25.134.80])
by above.proper.com (8.9.3/8.9.3) with ESMTP id QAA06892
for <ietf-pkix@imc.org>; Thu, 22 Mar 2001 16:08:53 -0800 (PST)
Received: from fwd04.sul.t-online.com by mailout01.sul.t-online.com with smtp
id 14gF8H-0004OK-00; Fri, 23 Mar 2001 01:08:45 +0100
Received: from junker.ms.inka.de (520010731148-0001@[217.1.24.32]) by
fmrl04.sul.t-online.com
with esmtp id 14gF8F-0ktO64C; Fri, 23 Mar 2001 01:08:43 +0100
Received: from stroeder.com (localhost [127.0.0.1])
by junker.ms.inka.de (Postfix) with ESMTP id D346E67C7C
for <ietf-pkix@imc.org>; Fri, 23 Mar 2001 01:08:39 +0100 (CET)
Sender: michael@ms.inka.de
Message-ID: <3ABA9407.9E883B88@stroeder.com>
Date: Fri, 23 Mar 2001 01:08:39 +0100
From: Michael =?iso-8859-1?Q?Str=F6der?= <michael@stroeder.com>
Reply-To: michael@stroeder.com
Organization: stroeder.com
X-Mailer: Mozilla 4.76 [en] (X11; U; Linux 2.2.18 i686)
X-Accept-Language: de-DE, de, en
MIME-Version: 1.0
To: "ietf-pkix@imc.org" <ietf-pkix@imc.org>
Subject: Re: it gets worse -- Microsoft warns of hijacked certificates
References: <3ABA8BBC.25412B54@nma.com>
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Sender: 520010731148-0001@t-dialin.net
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Content-Transfer-Encoding: 7bit
Ed Gerck wrote: > > "A field in every certificate should indicate the CRL Distribution Point > (CDP) - the location from which the CRL can be obtained. The problem is > that VeriSign code-signing certificates leave the CDP information blank. My intention always was that in current PKIX specs too many things are optional. Instead of discussing additional optional extensions (e.g. logos) we should discuss how to build a secure and easy-to-implement PKI system by making more details mandantory or leave them out completely. Ciao, Michael.
- it gets worse -- Microsoft warns of hijacked cert… Ed Gerck
- Re: it gets worse -- Microsoft warns of hijacked … Michael Ströder