[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OCSP and CSL

To: Brian Ford <brford@xxxxxxxxx>
Subject: Re: OCSP and CSL
From: Ben Laurie <ben@xxxxxxxxxxxxx>
Date: Wed, 26 Jan 2000 21:56:28 +0000
Cc: Massimiliano Pala <madwolf@xxxxxxxxxxxxxxxx>, Stephen Kent <kent@xxxxxxx>, ietf-pkix@xxxxxxx
Organization: A.L. Group plc
References: <> <> <> <>

Brian Ford wrote:
> 
> Ben,
> 
> It comes down to your interpretation of suspend versus revoke.  If the
> network between a client and the CA goes bad and you cannot reach a CA for
> a period of time an argument could be made to "suspend" certs from that CA.
>  If the user leaves the employ of a company one would hope that their cert
> would be "revoked".  No?

If you are talking about suspending _all_ certs from a CA, that's an
entirely different matter. What I (and everyone else, AFAICS) was
talking about was an ability to suspend individual certs.

Cheers,

Ben.

--
SECURE HOSTING AT THE BUNKER! http://www.thebunker.net/hosting.htm

http://www.apache-ssl.org/ben.html

Y19100 no-prize winner!
http://www.ntk.net/index.cgi?back=2000/now0121.txt

References:
- OCSP and CSL
  - From: Massimiliano Pala
- Re: OCSP and CSL
  - From: Stephen Kent
- Re: OCSP and CSL
  - From: Massimiliano Pala
- Re: OCSP and CSL
  - From: Brian Ford

Prev by Date: RE: Some Issues and observations with the son of 2459
Next by Date: Re: LAST CALL:draft-ietf-pkix-time-stamp-05.txt
Previous by thread: Re: OCSP and CSL
Next by thread: Re: OCSP and CSL
Index(es):
- Date
- Thread