[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Public key validation and Proof of possession

To: Russ Housley <housley@xxxxxxxxxxxx>
Subject: Re: Public key validation and Proof of possession
From: Stephen Kent <kent@xxxxxxx>
Date: Wed, 26 Oct 2005 12:45:24 -0400
Cc: ietf-pkix@xxxxxxx
In-reply-to: <7.0.0.10.2.20051025164030.061cdfb0@xxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <7.0.0.10.2.20051025164030.061cdfb0@xxxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx


Russ,

I think this is a good suggestion, and the extension should be asimple as you suggest. Relying on this being in a CP is asking a lotin management terms, as you noted.

However, one might also address this by defining an IETF-standard CPthat addresses just these issues, and allowing CAs to add that CP towhatever other CP that assert in an cert. How do you feel about thatalternative?


Steve

Follow-Ups:
- Re: Public key validation and Proof of possession
  - From: Russ Housley

References:
- Public key validation and Proof of possession
  - From: Russ Housley

Prev by Date: RE: Public key validation and Proof of possession
Next by Date: RE: Public key validation and Proof of possession
Previous by thread: RE: Public key validation and Proof of possession
Next by thread: Re: Public key validation and Proof of possession
Index(es):
- Date
- Thread