<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html;charset=UTF-8" http-equiv="Content-Type">
</head>
<body bgcolor="#ffffff" text="#000000">
Recordon, David wrote:
<blockquote
cite="mid7E7CA24460925C44AEB4F202BA7E45F302B54F@MOU1WNEXMB14.vcorp.ad.vrsn.com"
type="cite">
<title>RE: Re: SSL, DNSSEC and protected data enroute? (was Re: off
topic -how many people use OpenID ?)</title>
<!-- Converted from text/plain format -->
<p><font size="2">I honestly didn't believe this over a year ago when
I first met the VeriSign guys, but I just want to make it clear that
VeriSign is not involved in OpenID with the goal of selling SSL
certificates.<br>
</font></p>
</blockquote>
Quite obvious, it's not about selling SSL server certificates. So I
believe, that if this network succeeds, than certification authorities
will have an interest in validating the user identity.<br>
<blockquote
cite="mid7E7CA24460925C44AEB4F202BA7E45F302B54F@MOU1WNEXMB14.vcorp.ad.vrsn.com"
type="cite">
<p><font size="2">>From a security perspective, self-signed certs
can do a lot of what is needed for what OpenID is doing. At the same
time, there really is value, even for OpenID, in a cert that chains up
to a trusted CA.<br>
</font></p>
</blockquote>
I guess, that the designers of the protocol and specs have to make a
decision concerning that. Hope to have a positive influence on that
part...<font size="2"><br>
<br>
</font>
<div class="moz-signature">-- <br>
<div><font face="Arial" size="2">Regards</font></div>
<div><font face="Arial" size="2"> </font></div>
<div><font face="Arial" size="2">Signer: Eddy Nigg, StartCom Ltd.</font></div>
<div><font face="Arial" size="2">Phone: +1.213.341.0390</font></div>
<div><br>
</div>
</div>
</body>
</html>