[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [ga] Registration process suggestion
This is an interesting idea - but that means that the DNSO becomes the CA.
This is not without problems and dangers.
Two families of issues:
1) what sort of credential(s) will it demand?
2) liability exposure. Putting in a zero cent reliance limit will help,
but to be worried about how the recipient might use the cert. for
non-ICANN related stuff, and the possible consequences for the CA, have a
look at "The essential role of trusted third parties in electronic
commerce," http://www.law.miami.edu/~froomkin/articles/trusted.htm which
sets out some problems one might encounter in the absence of legislation.
Since that was written, many jurisdictions have legislated. One could
locate the DNSO-CA in a suitable jurisdiction with a (relatively) friendly
statute. Even so, (A) this usually means taking on some duties to audit
or be audited, which costs money; (B) it doesn't tell you much about
liability for foreign and/or cross-border uses of the cert.
I had assumed you meant outsourcing, to make all this Someone Else's
On Thu, 3 Feb 2000, William X. Walsh wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> On 04-Feb-2000 Michael Froomkin - U.Miami School of Law wrote:
> > I think a solution that relies on access to a CA will be biased against
> > most of the world. CAs are not accessible to most people in most
> > countries, at least not yet. then there's the problem of concentration in
> > the CA market .... we don't have a clear idea of what a trustworthy
> > identity cert is likely to cost in even the near future.
> The DNSO can setup their own, signing people's OpenPGP keys themselves with a
> special signing key. PGP is available over the net, free, to anyone.
> GnuPG is an openpgp implementation that is totally free, and the source code is
> available as well under the Gnu Public License.
> There are PGP or GnuPG programs for nearly every OS/Computer platform out
> there, and with the command line programs can be used with any email client at
> - --
> William X. Walsh <email@example.com>
> DSo Networks http://dso.net/
> Fax: 877-860-5412 or +1-559-851-9192
> GPG/PGP Key at http://dso.net/wwalsh.gpg
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.0.1 (GNU/Linux)
> Comment: DSo Networks
> -----END PGP SIGNATURE-----
A. Michael Froomkin | Professor of Law | firstname.lastname@example.org
U. Miami School of Law, P.O. Box 248087, Coral Gables, FL 33124 USA
+1 (305) 284-4285 | +1 (305) 284-6506 (fax) | http://www.law.tm
-->It's warm here.<--