[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: OCKID Question?

To: "Sean P. Turner" <turners@xxxxxxxx>, PKIX <ietf-pkix@xxxxxxx>
Subject: Re: OCKID Question?
From: Paul Hoffman / IMC <phoffman@xxxxxxx>
Date: Mon, 18 Mar 2002 08:07:31 -0800
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

At 8:52 AM +1200 3/18/02, Sean P. Turner wrote:

I'm just
curious why the only choices included are the EE, CA, AA, and bare key.

Because those were what I had thought of

There are other things that you trust in the PKIX realm like OCSP
responders.

Sounds good; I can add it.

  If the trouble was trying to profile it so that you'd know
it was and OCSP responder  you could look for id-kp-OCSPSigning OBJECT
IDENTIFIER ::= {id-kp 9} in extended key usage.  I'm sure there are
others but that's the one that popped to the top.

If there are others, please send them to me or the PKIX mailing list.

--Paul Hoffman, Director
--Internet Mail Consortium

References:
- OCKID Question?
  - From: Sean P. Turner

Prev by Date: WG: <draft-ietf-pkix-pi-03.txt>
Next by Date: Re: <draft-ietf-pkix-pi-03.txt>
Previous by thread: OCKID Question?
Next by thread: WG: <draft-ietf-pkix-pi-03.txt>
Index(es):
- Date
- Thread