[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: DPD & DPV Basics

To: PKIX List <ietf-pkix@xxxxxxx>
Subject: RE: DPD & DPV Basics
From: "Covey, Carlin" <ccovey@xxxxxxxxxx>
Date: Thu, 11 Jan 2001 15:30:28 -0800

I agree with you Steve.

- Carlin

-----Original Message-----
From: Stephen Kent [mailto:kent@xxxxxxx]
Sent: Thursday, January 11, 2001 4:22 PM
To: Covey, Carlin
Cc: PKIX List
Subject: RE: DPD & DPV Basics

Carlin,

The examples you cite of benefits from having cert chains returned by 
a DPD server, even if not strictly valid, are examples of the R&D 
problem area I alluded to in earlier messages. I don't think we have 
a good set of parameters to express the "not quite valid, but maybe 
close enough to be useful" notion you are describing.  We would need 
a specific set to be part of the spec, else we will not be able to 
have a good spec for server operation, nor for client control of 
server operation.  So, I'd discourage heading down this path uless we 
have such a set of parameters, and Wg agreement on their desirability 
and completeness.

Steve

Prev by Date: RE: DPD & DPV Basics
Next by Date: RE: DPD & DPV requirements
Previous by thread: Re: DPD & DPV Basics
Next by thread: Re: DPD & DPV Basics
Index(es):
- Date
- Thread