[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
From: smcmahon at eiv.com (Shawn McMahon)
Subject: PGP vs. certificate from Verisign
On Mon, May 12, 2003 at 01:21:31PM +0200, yossarian said:
>
> defences - who do you trust? Maybe the CA has good policies, and maybe the
> auditing by some accounting firm (KPMG, CGEY, etc.) is good, but all you can
> do here is believe or not believe them - the reports are just paper. There
Since KPMG once accidentally sent me an email that was evidently
intended to be a confidential "on background" response to a reporter
from The Economist, I'm not inclined to assign them infinite trust.
(eiv.com and eiu.com are awfully close, and at the time I had all mail
for unknown users going to me instead of being bounced. The daily flood
of stuff for Rush Limbaugh cured me of that.)
--
Shawn McMahon | Let every nation know, whether it wishes us well or ill,
EIV Consulting | that we shall pay any price, bear any burden, meet any
UNIX and Linux | hardship, support any friend, oppose any foe, to assure
http://www.eiv.com| the survival and the success of liberty. - JFK
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20030512/97ce1534/attachment.bin
Powered by blists - more mailing lists