Verisign to run National RFID Directory - Slashdot

Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!

×

Verisign to run National RFID Directory 194

Posted by CmdrTaco on Tuesday January 13, 2004 @09:05AM from the we've-seen-this-before dept.

JamesD_UK writes "Verisign has been given the contract to develop a national RFID directory by EPCGlobal. Under the directory scheme each company will maintain an Object Name Service analogous to DNS with Verisign running the root server. Verisign has already setup the infrastructure at six different global sites."

This discussion has been archived. No new comments can be posted.

Verisign to run National RFID Directory

Search 194 Comments Log In/Create an Account

Comments Filter:

Re:Verisign & code signing (Score:5, Informative)

by BenBenBen ( 249969 ) writes: on Tuesday January 13, 2004 @09:16AM (#7961710)

One of the grand-daddy certs expired. [theregister.co.uk] Screwed everything from websites to Norton Antivirus

Parent Share
twitter facebook
Re:Verisign & code signing (Score:3, Informative)

by PaschalNee ( 451912 ) writes: <pnee@nosPam.toombeola.com> on Tuesday January 13, 2004 @09:19AM (#7961732) Homepage

Seek [google.ie] and ye shall receive [slashdot.org]

Parent Share
twitter facebook
As much as I hate VeriSign... (Score:5, Informative)

by Shoten ( 260439 ) writes: on Tuesday January 13, 2004 @09:36AM (#7961845)

I have to say that they've proven that they're a good choice for this. Keep in mind what the #1 priority is for maintaining TLDs, particularly the big ones (.com, .net, .org) that Network Solutions/VeriSign handled for most of their lives. VeriSign's idiocy and abuse with regards to non-existent domain handling and misleading 'renewal' notices are despicable for sure, but while all that was going on, they also kept things up and running quite well, even weathering out the largest DDoS on record without going down.

Share
twitter facebook
Re:Verisign & code signing (Score:5, Informative)

by jrumney ( 197329 ) writes: on Tuesday January 13, 2004 @09:38AM (#7961857)

Yes, but isn't it Microsoft's job to renew their certificate with Verisign?
Microsoft's certificate wasn't expired. The problem stems from the fact that Verisign sign third party certificates with a certificate which has an expiry date (for safety, to limit the effects in the unlikely event that the private key is stolen from the secure facility it is kept in). The Verisign certificate is not part of the server certificate (otherwise people could make their own "Verisign" certs), it is distributed with tools and browsers etc.
Now a few years ago, Verisign realised that one of their Root Certificates was about to reach the point where it would expire within the lifetime of the certificates they were issuing. The sensible thing to do would be to create a new Root Certificate, and start using that, but then everyone using existing browsers and other tools would need to install the new certificate to continue working smoothly. Instead, they decided to extend the expiry date of the existing certificate, and reissue it. This meant that existing tools could keep working for a while without installing new certificates, and as newer updates replaced them, the new certificates would filter through.
The problem with this approach is that people became complacent and it was just delaying the problem. Some certificate stores ended up with both new and old certificates, and bugs in software (some MS software from what I've heard) meant that the old certificate was still being used, the new one was ignored. Other software (Java) continued being released with the old certificate and noone noticed until about a month ago. And then there's all the installations of Netscape Enterprise Server, Netscape 4.7, even IE 4 and 5.0 that are still out there with old certificates.

Parent Share
twitter facebook
Re:Too much control by one company? (Score:2, Informative)

by TopShelf ( 92521 ) writes: on Tuesday January 13, 2004 @09:41AM (#7961878) Homepage Journal

Sounds like you need to crawl back under a rock and hide from the future, then!

EPC is simply a reference for finding the producer of a given item - you pick up an RFID tag with the appropriate data, it refers you to Gillette, where you can use more specific information to find that it's a case of Mach 3 razor blades, shipped from such-and-such warehouse on such-and-such date. What exactly are you afraid of???

It disappoints me to see how many supposedly tech-savvy readers around here react with such fear...

Parent Share
twitter facebook
WoW, its incredible to find... (Score:2, Informative)

by 0nl00ker ( 741066 ) writes: on Tuesday January 13, 2004 @12:02PM (#7963004)

...so many 'technical people', so little real understanding. To the peeps who think RFID is 1984 "20 yrs late" - you are soo joking, give this technology another 10yrs minimum Before it gets anywhere NEAR the kind o0f FUD I'm seeing on this thread. Even more to the point, Y oh Y do people seem to swallow the Corporate-bilge when it suits their paranoia??? Figure it out - more importantly, do some reading, I work with RFID and half of what I read on this thread is applicable only in a SciFi novel. Ho hum.

Share
twitter facebook
who makes these decisions? (Score:1, Informative)

by __aaitqo8496 ( 231556 ) writes: on Tuesday January 13, 2004 @12:28PM (#7963286) Journal

who makes these decisions? given verisign's past, what novice decided this would be best? how about we start polling the slashdot community, or at very least, asking someone with some computer expertise. .com, .net, and RFID. what next?

Share
twitter facebook
Re:ASN.1 vulnerabilities? (Score:2, Informative)

by jan de bont ( 702726 ) writes: on Tuesday January 13, 2004 @01:07PM (#7963735)

Uh, No, not ASN like at all. RFID tags respond with EPC codes. Once you read the EPC, you take it to the ONS (Object Naming System). The EPC has a header (fixed length), Manufacturer Code (fixed length), product code (fixed), and a serial number. The ONS works by taking the Manufacuring Code ONLY and going to a "root" ONS server. This points at that manufacturer's ONS... which is then queried to see what the product code means, is that serial number valid and if so for what object, etc. Verisign is running the ROOT only... no walking trees, no ASN vulnerabilities.

Parent Share
twitter facebook
Re:Verisign & code signing (Score:3, Informative)

by Reziac ( 43301 ) writes: on Tuesday January 13, 2004 @03:00PM (#7964761) Homepage Journal

I remember a few years ago, when everyone not using the Very Latest Browser[tm] had to go fetch and install some new certificates. It wasn't too much of a big deal, just follow-link, click-OK a few times, done. Any reason Verisign can't do this again??

Parent Share
twitter facebook

There may be more comments in this discussion. Without JavaScript enabled, you might want to turn on Classic Discussion System in your preferences instead.

Related Links Top of the: day, week, month.

557 commentsFrozen Embryos Are 'Children,' According To Alabama's Supreme Court
462 commentsTeenagers Have Bought 'Ghost Guns' Online, Sometimes with Deadly Consequences
394 commentsIowa School District Is Using AI To Ban Books
365 commentsUS Supreme Court Rejects US Student Loan Relief. President Biden Responds
362 commentsShould Public Buses Be Free?

He has not acquired a fortune; the fortune has acquired him. -- Bion