[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Path validation and self-signed certificates

To: david.cooper@xxxxxxxx, steve.hanna@xxxxxxx
Subject: Re: Path validation and self-signed certificates
From: Peter Sylvester <Peter.Sylvester@xxxxxxxxxx>
Date: Mon, 27 Aug 2001 19:55:47 +0200 (MET DST)
Cc: ietf-pkix@xxxxxxx
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

> This makes path discovery even harder than it was before. If we
> require that self-signed certificates be forbidden or ignored in
> PKIX path validation, none of this will be a concern.
> 

Why does PKIX need to say something that is essentially
already in X.509? Aren't self-signed certificates of type a)
ignored for path validation in X.509?

Follow-Ups:
- Re: Path validation and self-signed certificates
  - From: Steve Hanna

Prev by Date: Re: Recommended changes to draft-ietf-pkix-new-part1-08
Next by Date: Re: Path validation and self-signed certificates
Previous by thread: RE: Path validation and self-signed certificates (was RE: Recomme ndedchanges to draft-ietf-pkix-new-part1-08)
Next by thread: Re: Path validation and self-signed certificates
Index(es):
- Date
- Thread