[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

OCKID Question?

To: PKIX <ietf-pkix@xxxxxxx>
Subject: OCKID Question?
From: "Sean P. Turner" <turners@xxxxxxxx>
Date: Mon, 18 Mar 2002 08:52:48 +1200
Cc: "Hoffman, Paul" <phoffman@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: IECA, Inc.
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Paul,

I had a read of the OCKID draft - what a novel concept :)  I'm just
curious why the only choices included are the EE, CA, AA, and bare key.
There are other things that you trust in the PKIX realm like OCSP
responders.  If the trouble was trying to profile it so that you'd know
it was and OCSP responder  you could look for id-kp-OCSPSigning OBJECT
IDENTIFIER ::= {id-kp 9} in extended key usage.  I'm sure there are
others but that's the one that popped to the top.

Cheers,

spt

Follow-Ups:
- Re: OCKID Question?
  - From: Paul Hoffman / IMC

Prev by Date: Re: DPD/DPV reqmts strawpoll
Next by Date: WG: <draft-ietf-pkix-pi-03.txt>
Previous by thread: Re: Updating RFC 3039 - and its impact on PI
Next by thread: Re: OCKID Question?
Index(es):
- Date
- Thread