RE: Basic Cert-2-Directory mapping question
>
> I agree with Bob's goal of eliminating the need to pass certs in
> session handshakes and messages. If there were only two options (change
> the DN or add an extension), then only the first moves toward that
> goal. But you have proposed a third option: leave the cert alone!
> For my part, I am simply in awe of the elegance of that approach.
> It might even work.
>
> Dave
If the goal is to limit the size of, for example, an S/MIME signature,
a signer MAY add an attribute (signed or unsigned) to the signature if
it is necessary, which is similar to an access method in an AIA or SIA.
Whether the attribute is actually part of some cert is another question.