[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Embedded certificate image

To: "Timothy J. Miller" <tmiller@xxxxxxxxx>
Subject: RE: Embedded certificate image
From: "Santosh Chokhani" <SChokhani@xxxxxxxxxxxx>
Date: Thu, 30 Jul 2009 17:37:55 -0400
Cc: "Stefan Santesson" <stefan@xxxxxxxxxxx>, "ietf-pkix" <ietf-pkix@xxxxxxx>
In-reply-to: <4A720A76.8010107@xxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <4A71BD2B.60606@xxxxxxxxx> <C697B3BD.3A6E%stefan@xxxxxxxxxxx> <FAD1CF17F2A45B43ADE04E140BA83D48C73CD1@xxxxxxxxxxxxxxxxxxxxxx> <4A7203A6.20903@xxxxxxxxx> <FAD1CF17F2A45B43ADE04E140BA83D48C73CF8@xxxxxxxxxxxxxxxxxxxxxx> <4A720A76.8010107@xxxxxxxxx>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
Thread-index: AcoRWRmub0BhqRwcSaycRD64DrJ4MQAAJ6xA
Thread-topic: Embedded certificate image

Tim,

RFC says "The relationship between the subject organization and the
subject
   organization logotype, and the relationship between the issuer and
   either the issuer organization logotype or the community logotype,
   are relationships asserted by the issuer."

It tends to imply that the logotype is predefined data and not in the
certificate request payload.

> -----Original Message-----
> From: Timothy J. Miller [mailto:tmiller@xxxxxxxxx] 
> Sent: Thursday, July 30, 2009 5:03 PM
> To: Santosh Chokhani
> Cc: Stefan Santesson; ietf-pkix
> Subject: Re: Embedded certificate image
> 
> Santosh Chokhani wrote:
> 
> > Stefan is saying that the data is not applicant chosen. 
> 
> The subject org logotype in 3709 is applicant chosen and has 
> the same problem.
> 
> I think the countermeasure of re-ordering extensions is 
> sufficient, and is probably worth a security consideration in 
> both specs.
> 
> -- Tim
>

Follow-Ups:
- Re: Embedded certificate image
  - From: Timothy J. Miller

References:
- Re: Embedded certificate image
  - From: Timothy J. Miller
- Re: Embedded certificate image
  - From: Stefan Santesson
- RE: Embedded certificate image
  - From: Santosh Chokhani
- Re: Embedded certificate image
  - From: Timothy J. Miller
- RE: Embedded certificate image
  - From: Santosh Chokhani
- Re: Embedded certificate image
  - From: Timothy J. Miller

Prev by Date: Re: Embedded certificate image
Next by Date: I-D Action:draft-ietf-pkix-ocspagility-01.txt
Previous by thread: Re: Embedded certificate image
Next by thread: Re: Embedded certificate image
Index(es):
- Date
- Thread