[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Embedded certificate image

To: Peter Gutmann <pgut001@xxxxxxxxxxxxxxxxx>, <ietf-pkix@xxxxxxx>, <ynir@xxxxxxxxxxxxxx>
Subject: Re: Embedded certificate image
From: Stefan Santesson <stefan@xxxxxxxxxxx>
Date: Thu, 30 Jul 2009 09:44:30 +0200
In-reply-to: <E1MWQBi-0002jI-Ae@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
Thread-index: AcoQ6ZI3cP7DeB3yD0a6BwVTdwKfhw==
Thread-topic: Embedded certificate image
User-agent: Microsoft-Entourage/12.20.0.090605

Good question.

The reason would be to allow data to be stored locally when the original
specification only offers the option to specify a URL to the location of the
data.

This is the case for RFC 3709, which is the standard we would use to bind a
cert image to the certificate. RFC 3709 does only offer a URL as means of
referring to the actual image, it does not offer any other means of local
storage.

By providing the image in the URL, we could offer a way to embed the image
and still stay within the syntax of the original spec.

/Stefan

On 09-07-30 9:36 AM, "Peter Gutmann" <pgut001@xxxxxxxxxxxxxxxxx> wrote:

> Yoav Nir <ynir@xxxxxxxxxxxxxx> writes:
> 
>> I guess that if the image is embedded in the URL, you don't really need to
>> follow it, just process it locally.
> 
> In that case why encode it as a URL in the first place?
> 
> Peter.

Follow-Ups:
- Re: Embedded certificate image
  - From: Peter Gutmann

References:
- RE: Embedded certificate image
  - From: Peter Gutmann

Prev by Date: RE: Embedded certificate image
Next by Date: Re: Embedded certificate image
Previous by thread: RE: Embedded certificate image
Next by thread: Re: Embedded certificate image
Index(es):
- Date
- Thread