[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Public key validation and Proof of possession

To: Russ Housley <housley@xxxxxxxxxxxx>
Subject: Re: Public key validation and Proof of possession
From: Stephen Kent <kent@xxxxxxx>
Date: Wed, 26 Oct 2005 20:17:33 -0400
Cc: ietf-pkix@xxxxxxx
In-reply-to: <7.0.0.10.2.20051026151352.05805b20@xxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <7.0.0.10.2.20051025164030.061cdfb0@xxxxxxxxxxxx> <> <7.0.0.10.2.20051026151352.05805b20@xxxxxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx


At 3:18 PM -0400 10/26/05, Russ Housley wrote:

Steve:
If I understand your proposal, you are suggesting a certificatepolicy OID that would be included in the certificate (in addition toany other certificate policy OID that is appropriate). This wouldbe acceptable to me if it was only used in end-entity certificates.I think it could add complication to certificate policy mapping,which is already too messy.
I note that the certificate policy OID does not offer the samegranularity. The OID would only be included if the public keyvalidation is performed and proof of possession is performed.
Russ


I envisioned two policies, one for each of PoP and PKV.

However, If Stefan's observation about policies is correct (I admitto having not checked first), then this is not a viable alternativeto your proposal, even independent of the policy mapping complexityconcerns your cited.


Steve

References:
- Public key validation and Proof of possession
  - From: Russ Housley
- Re: Public key validation and Proof of possession
  - From: Stephen Kent
- Re: Public key validation and Proof of possession
  - From: Russ Housley

Prev by Date: I-D ACTION:draft-ietf-pkix-cmc-trans-04.txt
Next by Date: RE: Public key validation and Proof of possession
Previous by thread: Re: Public key validation and Proof of possession
Next by thread: RE: Public key validation and Proof of possession
Index(es):
- Date
- Thread