[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Logotype: what happens when a communityLogo is lost ?

To: "'Denis Pinkas'" <Denis.Pinkas@xxxxxxxx>, pkix <ietf-pkix@xxxxxxx>
Subject: RE: Logotype: what happens when a communityLogo is lost ?
From: "Eric D. Williams" <eric@xxxxxxxxxxx>
Date: Tue, 17 Dec 2002 11:04:55 -0500
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: Information Brokers, Inc.
Sender: owner-ietf-pkix@xxxxxxxxxxxx

I think the statement:

> "If communityLogos is present, the logotypes MUST represent one or more
> communities to which the certificate issuer is affiliated."

covers the situation adequately.  As long as the issuers certificate contains 
at least one valid communityLogo then the associated certificates should not be 
revoked, however there is the issue of where the cert's out there contain only 
the one communityLogo and have communityLogo present, in that case it may be 
that we should recommend that communityLogo not be included in the certificate 
(that is only one community affiliation).  Yes, that is troublesome but it 
fixes your issue.  This brings the consequence that vendors should seek more 
than one affiliation.  I think your final statement too (paraphrasing): "...but 
beware of revoking XXXX certificates just because one logotype has been (even 
temporarily) lost." may be better stated as "but beware of revoking XXX 
certificates because your ONLY logotype has been (even temporarily) lost."

Eric

-----
		mailto:eric@xxxxxxxxxxx
                    PGP Public Key
   http://new.infobro.com/KeyServ/EricDWilliams.asc
Finger Print: 1055 8AED 9783 2378 73EF  7B19 0544 A590 FF65 B789
----------------------------------------------------------------
The information in this message is confidential.  It is intended
solely for addressee(s).  Access to this message by anyone else
is unauthorized.  If you are not the intended recipient, any
disclosure, copying, distribution or any action taken or omitted
to be taken in reliance on it, is prohibited and may be unlawful.

On Tuesday, December 17, 2002 6:52 AM, Denis Pinkas 
[SMTP:Denis.Pinkas@xxxxxxxx] wrote:
>
> What happens when a communityLogo is lost ?
>
> The current text says:
>
> "If communityLogos is present, the logotypes MUST represent one or more
> communities to which the certificate issuer is affiliated."
>
> The question is the following:
>
> If for any reason, a certificate issuer is loosing (even temporarily) one
> of its community logos, MUST all certificates bearing such a logo be
> revoked ? or is the community logo testified by the CA as valid only at
> the time of issuance of the certificate ?
>
> Same question for the Issuer Organization Logotype and the Subject
> Organization Logotype.
>
> Should we distinguish between logotypes verified as valid only at the time
> of issuance of the certificate and logotypes that will be a case for
> certificate revocation when the logotype is temporarily or definitively
> lost ?
>
> Whatever decision is taken on that aspect, the text should be explicit,
> but beware of revoking XXXX certificates just because one logotype has
> been (even temporarily) lost.
>
> Denis

Prev by Date: RE: Logotype: communitylogoURI addition ?
Next by Date: RE: Logotype: what happens when a communityLogo is lost ?
Previous by thread: RE: Logotype: what happens when a communityLogo is lost ?
Next by thread: [TSP] misc comments
Index(es):
- Date
- Thread