RE: Q: Where should do I put a max amount in a X.509v3 certificate?

["Yee, Peter" <pyee@xxxxxxxxxxxxxxx>]

I have to agree with Michael on this point -- although we're having an
interesting discussion on the technical means by which a purchase limit
can be accomplished, if we're getting down to the case at hand, Roberto
needs to specify many things, among them:

   o  Is the limit delegated?
   o  By whom?
   o  Does the lifetime in which the limit may be used correspond to
      the lifetime of the PKC of the "user" of the purchase limit, or
      to some other period?
   o  Does the purchase limit need to be understood within an open or
      closed community?
   o  Is the CA authoritative for more than name-to-key bindings?

I'm sure there are other questions to ask.  Without answering them, we're
sort of stuck talking in generalized terms.

						-Peter Yee
						pyee@xxxxxxxxxxxxxxx

>From: Michael Ströder [mailto:michael@xxxxxxxxxxxx]
>Sent: Monday, March 11, 2002 6:55 AM
>Subject: Re: Q: Where should do I put a max amount in a X.509v3
certificate?
>
>I'd suggest to thoroughly discuss a business model first before thinking 
>about technical aspects (not on PKIX list off course). From some discussion

>I remember that most drafts for something like this just didn't fit into
how 
>financial institutions are working (although the institutions were
committed 
>to use this particular PKI ;-).
>
>So defining technical specifications was completely useless because there 
>was no working business model behind it.

>Ciao, Michael.