I came across this interesting announcement by RSA: <http://www.rsasecurity.com/news/pr/2002/020619.html>
Particularly from the above announcement: By using this solution, customers' Web server certificates generated and issued by their RSA Keon Certificate Authority (CA) software are designed to be automatically validated - and therefore trusted - by popular Web browsers, e-mail packages and other applications that leverage the recognized issuer lists of these Web browsers. This announcement appears to completely break down the trust model assuming anybody can host a Keon CA that will issue trusted certificates. -Michael Heyman --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
