CA influence over confidentiality
David Swarbrick
david at swarb.demon.co.uk
Wed, 8 Jul 1998 20:05:25 +0100
In message <199807081546.QAA19241@server.eternity.org>, Adam Back
<aba@dcs.ex.ac.uk> writes
>
>I am thinking for example of a DTI licensed CA providing X.509
>ceritifcates which chooses to provide certification services for
>authentication only. Can the CA prevent the certificate from being
>used to obtain confidentiality, or confidentiality over a certain
>strength.
>
I would assume the authority uses such models and accepts certificates
as it wants and which comply with the standards. If you want to use a
standard they do not support, then tough cheddar, find someone who
supports the software you want to use.
More interesting is the question of what subtle influences will be
brought on CAs by the licensing authorities not to use or support proper
encryption standards.
--
David Swarbrick, Solicitor. Brighouse, West Yorkshire.
Tel: +44(0)1484 722531 Fax: +44(0)484 716617 Pager 04325 349742
e-mail david@swarb.demon.co.uk
URL http://www.swarb.co.uk/swarbrick/ - home of the law-index to 8100+ cases
'damn fine webbery"