<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta content="text/html; charset=UTF-8" http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#ffffff">
<br>
On 12/08/2008 01:38 AM, SitG Admin:
<blockquote cite="mid:f06110400c5620d588172@%5B192.168.0.2%5D"
type="cite">
<style type="text/css"><!--
blockquote, dl, ul, ol, li { padding-top: 0 ; padding-bottom: 0 }
--></style>
<title>Re: [OpenID] Changes to the OpenID Foundation
member page</title>
<div>>Self-signed certificates don't provide any protection at
all,
period. See <a moz-do-not-send="true"
href="https://blog.startcom.org/?p=125">https://blog.startcom.org/?p=125</a></div>
<div><br>
</div>
<div>Since the Foundation will have access to members' physical
mailing addresses when they join, would it be possible to mail them
the needed key directly (on a CD or floppy) - and vice versa? Pick
your courier - Postal Service, maybe Fedex - and just laugh when
critics suggest MITM attacks.</div>
</blockquote>
If it's worth the hassle, then yes, this would be the right approach!<br>
<br>
<br>
<div class="moz-signature">
<table border="0" cellpadding="0" cellspacing="0">
<tbody>
<tr>
<td colspan="2">Regards </td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
<tr>
<td>Signer: </td>
<td>Eddy Nigg, <a href="http://www.startcom.org">StartCom Ltd.</a></td>
</tr>
<tr>
<td>Jabber: </td>
<td><a href="xmpp:startcom@startcom.org">startcom@startcom.org</a></td>
</tr>
<tr>
<td>Blog: </td>
<td><a href="http://blog.startcom.org">Join the Revolution!</a></td>
</tr>
<tr>
<td>Phone: </td>
<td>+1.213.341.0390</td>
</tr>
<tr>
<td colspan="2"> </td>
</tr>
</tbody>
</table>
</div>
<br>
</body>
</html>