[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is privateKeyUsagePeriod deprecated?

To: "Al Arsenault" <aarsenau@xxxxxxx>
Subject: Re: Why is privateKeyUsagePeriod deprecated?
From: Russ Housley <housley@xxxxxxxxxxxx>
Date: Thu, 24 Jul 2003 09:22:13 -0400
Cc: <ietf-pkix@xxxxxxx>
In-reply-to: <>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
References: <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

I agree with Al's conclusion. SHOULD NOT is the right wording for RFC 3280 (and its successor).

Russ

At 05:00 PM 7/23/2003 -0400, Al Arsenault wrote:

I'm certainly open to explanations as to what I'm missing; that is, why it's
important to have this information in the certificate and what you'd do
different because of it.  But given that privateKeyUsagePeriod is permitted
in a certificate for those who really want it (it's a SHOULD NOT, not a MUST
NOT unless you want to mark it critical), and I personally don't see any
benefit to it, I'm in favor of leaving the recommendation the way it is in
3280.

References:
- Re: Why is privateKeyUsagePeriod deprecated?
  - From: Peter Gutmann
- Re: Why is privateKeyUsagePeriod deprecated?
  - From: Al Arsenault

Prev by Date: Re: Microsoft and multi-valued RDNs (was: draft minutes)
Next by Date: Re: Microsoft and multi-valued RDNs (was: draft minutes)
Previous by thread: Re: Why is privateKeyUsagePeriod deprecated?
Next by thread: Re: Why is privateKeyUsagePeriod deprecated?
Index(es):
- Date
- Thread