
Re: Online Certificate Revocation Protocol




a certificate doesn't represent anything particularly magic ... pretty much
a credential targeted at being used in offline environments (when there is no
access to an online authority) ... and the thing the credential represents
is pretty much ... stuff that notaries do on a routine basis .... check
some sort of reference to authenticate some information. In fact, a big
part of the reason that a certificate has a validity period at all ... is
to limit the exposure of a certifying authority in an offline paradigm
environment where the certificate could be used in an unknown number of
unknown transactions. A notary doing the certification in real time and
online doesn't have that exposure because they typically know the number
and kinds of transactions they are certifying.




jim <jimhei@xxxxxxxxxxxxxx> on 06/13/2001 06:24:03 AM

To:   Lynn Wheeler/CA/FDMS/FDC@xxx
cc:   Carlin Covey <ccovey@xxxxxxxxxx>, ietf-pkix@xxxxxxx
Subject:  Re: Online Certificate Revocation Protocol


This is especially true if the secure audit trail contains the information
that the user was authenticated at the beginning of the session and that the
authentication was successful, the certificate was within its validity
period and that it was not revoked.
Jim