[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: AW: self-signed TSA [Was Re: Private Key Cloning]

To: ietf-pkix@xxxxxxx
Subject: RE: AW: self-signed TSA [Was Re: Private Key Cloning]
From: FRousseau@xxxxxxxxxxxxxxxxx
Date: Wed, 21 Jun 2000 10:37:13 -0400
Cc: jean-marc.desperrier@xxxxxxxxxxxx

Title: RE: AW: self-signed TSA [Was Re: Private Key Cloning]

Jean-Marc Desperrier wrote:

[snip]
>
> Also couldn't there be circonstances, where we would have to
> generate a new certificate, if the policy changes, etc... ?

In addition, a TSA private key would eventually expire.

When a TSA using a self-signed certificate has to update its key pair, would it also have to generate three (3) certificates (i.e. the OldWithNew, NewWithOld and NewWithNew TSA certificates) as per Section 2.4 of RFC 2510?

Francois
___________________________________
Francois Rousseau
Director of Standards and Conformance
Chrysalis-ITS
1688 Woodward Drive
Ottawa, Ontario, CANADA, K2C 3R7
frousseau@chrysalis-its.com Tel. (613) 723-5076 ext. 419
http://www.chrysalis-its.com Fax. (613) 723-5078

Prev by Date: Re: Private Key Cloning
Next by Date: Re: certification for pki
Previous by thread: PKIStatusInfo inside draft-ietf-pkix-time-stamp-08.txt
Next by thread: RE: AW: self-signed TSA [Was Re: Private Key Cloning]
Index(es):
- Date
- Thread