spread the dot jenett.radio.randomizer - click to visit a random Radio weblog - for information, contact randomizer@coolstop.com

Security

 Wednesday, February 11, 2004

Verification

Our friends at Verisign like to use a trusted third-party source when verifying the identity of the contact information given in a certificate signing request. What this entails is that they call 411 and ask for a the listed telephone number of the requesting company. They then call that number, and ask to speak with the person requesting the certificate, or ask for confirmation that the requestor is employed by said company.

You would think that the phone company would be easily verifiable. Turns out that they can't just call the operator to get in touch with someone on staff, nor are the affiliates' listed numbers answered by live people. How funny is that?

11:08:40 PM # Google It!
categories: Identity, Security