[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Last Call: draft-ietf-pkix-new-part1-06.txt comments

To: "Stephen Kent" <kent@xxxxxxx>, "David A. Cooper" <david.cooper@xxxxxxxx>
Subject: RE: Last Call: draft-ietf-pkix-new-part1-06.txt comments
From: "Michael Myers" <myers@xxxxxxxxxxxxx>
Date: Wed, 18 Apr 2001 21:34:20 -0700
Cc: <ietf-pkix@xxxxxxx>
Importance: Normal
In-reply-to: <>

Steve,

> -----Original Message-----
> From: Stephen Kent [mailto:kent@xxxxxxx]
> Sent: Wednesday, April 18, 2001 4:18 PM
>
> . . .
> . . .  Nowhere in X.509 or in previous PKIX
> documents has there ever been text to suggest
> that other than a CA can sign a CRL for a
> public key certificate.

I take it you mean CA as an entity vs. CA as the key the signed the
certificate.

> Also, in responde to other messages I've just been reading, I want to
> pont out that OCSP responses are not CRLs . . .

But one could (in fact it is being done) use OCSP to functionally replace
CRLs.

Mike

Follow-Ups:
- RE: Last Call: draft-ietf-pkix-new-part1-06.txt comments
  - From: Stephen Kent

References:
- Re: Last Call: draft-ietf-pkix-new-part1-06.txt comments
  - From: Stephen Kent

Prev by Date: RE: Help Sought on Netscape Revocation URL causing MS Programs to hang
Next by Date: Re: Dedicated CRL signing keys
Previous by thread: Re: Last Call: draft-ietf-pkix-new-part1-06.txt comments
Next by thread: RE: Last Call: draft-ietf-pkix-new-part1-06.txt comments
Index(es):
- Date
- Thread