[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Public key validation and Proof of possession
What's wrong with defining a new policy qualifier?
id-qt-ietf-pkix-key-validation-performed
id-qt-ietf-pkix-proof-of-posession-performed (owner-posession-of-key-assured?)
These would generally be asserted only in the end-entity certificates.
Terry Hayes
On 10/27/05, Stefan Santesson <stefans@xxxxxxxxxxxxx
> wrote:
It is not a proposal.
I just wanted to add it to the picture.
I'm just generally worried about adding new extensions for every
specific certificate policy aspect that can be argued to be useful to
have explicitly encoded.
If we go that path, we may need to consider a common framework for it.
qcStatement is one, suitable or not.
Stefan Santesson
Program Manager, Standards Liaison
Windows Security