EuroCert

• To: www-security@ns2.rutgers.edu
• Subject: EuroCert
• From: "John Hemming (Chief Executive MarketNet )" <JohnHemming@mkn.co.uk>
• Date: Tue, 25 Jul 95 08:07:00 -700

1. FYI we are establishing EuroCert a Certification Authority
   for the continent of Europe.

2. Considering Digital Signatures

   At the moment the Web operates on a Caveat Emptor principle.
   Certain organisations may or may not be regulated by their
   central government, but if you take four examples in the
   UK

   Insurance - Government Regulation
   Investment - SFA/SIB
   Banking - Bank of England
   Legal - Law Society

   There are systems of regulation to protect the purchaser
   of services.  Eg capital requirements and other such issues.

   Some sites and servers cover more than one of those business
   areas.   

   Clearly, given that the domain name does not really indicate
   the country, people looking for services on the net need to
   know whether or not the organisation they are trading with
   is regulated.

   Certification Authorities generally check the identity of
   the entity being certified.  

   It seems clear that in the medium to long term an additional
   signature (s) may be needed for regulatory areas.

   This clearly is a problem for the X509 certificate, but not
   so much of a problem for PGP type signatures.


John Hemming

• Re: EuroCert
• From: Harald.T.Alvestrand@uninett.no

• Previous: Re: Cern HTTPD: Password/Login problems ? - Me Too
• Next: Access Tracking
• Index(es):
  • Index
  • Thread