Re: Logotypes in certificates

Dean Povey <povey@dstc.qut.edu.au> Fri, 23 March 2001 10:31 UTC

Message-Id: <200103231030.f2NAUYm12689@thunder.dstc.qut.edu.au>
To: Aram Perez <aram@pacbell.net>
cc: ietf-pkix@imc.org
Subject: Re: Logotypes in certificates
In-reply-to: Your message of "Thu, 22 Mar 2001 22:05:11 PST." <B6E02797.3BF9%aram@pacbell.net>
Date: Fri, 23 Mar 2001 20:30:34 +1000
From: Dean Povey <povey@dstc.qut.edu.au>
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>

>So which is the real logo?
>

Similar logos deleted.  

This is of course a valid point, but one can find similar examples in names.

One of the major banks in Australia is "The Commonwealth Bank of
Australia" (commonly shortened to CBA) so which of the following is
the correct domain name for it? (All of these are valid domains with live
websites attached).

1. www.cba.com.au
2. www.cba.com
3. www.commbank.com.au
4. www.commonwealthbank.com

The answer is actually 3, although 1 redirects to this.  Actually I can't
be 100 percent sure that it is 3 since connecting to 
https://www.commbank.com.au redirects me to the non-ssl website so the
connection is not secured :-). 

We are not proposing that logos are less ambiguous than names, simply that
they are another datapoint which the user can use to make their decision.
Part of the problem can be addressed by CAs only certifying registered
trademarks which they can easily check and which have to by nature be unlike
other trademarks.  Policy and procedures can deal with many of the objections
that people raise.

We also need to think beyond just logos.  What about photographs of employees
in Certificates?  This is such a useful thing to be able to do.  I am 
cognisant of the reticence of people to stuff too much in certs, and I think
in general this is a good principle.  But providing it is done sensibly I think
there is a fair bit to suggest that a scheme like this would significantly
contribute to the security of PKI systems.

But I feel that perhaps the weight of opinion is against me :-(.

Cheers.
--
Dean Povey,         | e-m: povey@dstc.edu.au | JCSI:  Java Crypto Toolkit 
Research Scientist  | ph:  +61 7 3864 5120   | uPKI:  C PKI toolkit for embedded
Security Unit, DSTC | fax: +61 7 3864 1282   |        systems
Brisbane, Australia | www: security.dstc.com | Oscar: C++ PKI toolkit