[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: DPD & DPV Basics

To: "Stephen Kent" <kent@xxxxxxx>, "Steve Hanna" <steve.hanna@xxxxxxx>
Subject: RE: DPD & DPV Basics
From: "Michael Myers" <myers@xxxxxxxxxxxxx>
Date: Fri, 12 Jan 2001 10:16:55 -0800
Cc: "Frank Balluffi" <frankb@xxxxxxxxxxxx>, "PKIX List" <ietf-pkix@xxxxxxx>
Importance: Normal
In-reply-to: <>

Steve,

> On Thursday, January 11, 2001, 3:05 PM you wrote:
>
> The strawman already calls for a DPD server to perform validation.

While I await WG consensus on the requirements, in Pittsburg the DPD I-D
authors observed that a DPD server need not be subject to ITSEC/Common
Criteria/whatever certification due to its untrusted role.  Suggesting that
a DPD server must perform validation seems to refute this objective.  A DPD
client certainly has every reason to expect that the information it receives
from a DPD server is well structured against the subject certificate. Any
thoughts on how we can or should balance these two?

Mike

Follow-Ups:
- RE: DPD & DPV Basics
  - From: Stephen Kent

References:
- Re: DPD & DPV Basics
  - From: Stephen Kent

Prev by Date: RE: DPD & DPV Basics
Next by Date: RE: DPD & DPV requirements - Recursion Issues
Previous by thread: Re: DPD & DPV Basics
Next by thread: RE: DPD & DPV Basics
Index(es):
- Date
- Thread