[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Embedded certificate image

To: "Timothy J. Miller" <tmiller@xxxxxxxxx>, Santosh Chokhani <SChokhani@xxxxxxxxxxxx>
Subject: Re: Embedded certificate image
From: Stefan Santesson <stefan@xxxxxxxxxxx>
Date: Fri, 31 Jul 2009 20:19:15 +0200
Cc: ietf-pkix <ietf-pkix@xxxxxxx>
In-reply-to: <4A732267.2040204@xxxxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
Thread-index: AcoSC2kOpD1TXwIPLUuq89vKgQlIDQ==
Thread-topic: Embedded certificate image
User-agent: Microsoft-Entourage/12.20.0.090605

Tim,

It is not reasonable for this standard to dictate what a CA accepts as
input.

/Stefan

On 09-07-31 6:57 PM, "Timothy J. Miller" <tmiller@xxxxxxxxx> wrote:

> Santosh Chokhani wrote:
> 
>> RFC says "The relationship between the subject organization and the
>> subject
>>    organization logotype, and the relationship between the issuer and
>>    either the issuer organization logotype or the community logotype,
>>    are relationships asserted by the issuer."
>> 
>> It tends to imply that the logotype is predefined data and not in the
>> certificate request payload.
> 
> I'd feel better if it were explicit that the subject logotype is
> provided by the issuer.
> 
> As it is, I think it can be read either way.  The issuer asserts
> everything in the cert, after all, but it didn't create it all; much was
> provided by the applicant.
> 
> -- Tim

Follow-Ups:
- Re: Embedded certificate image
  - From: Tom Gindin

References:
- Re: Embedded certificate image
  - From: Timothy J. Miller

Prev by Date: Re: Embedded certificate image
Next by Date: Re: Embedded certificate image
Previous by thread: Re: Embedded certificate image
Next by thread: Re: Embedded certificate image
Index(es):
- Date
- Thread