[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Why is privateKeyUsagePeriod deprecated?

To: pgut001@xxxxxxxxxxxxxxxxx, tgindin@xxxxxxxxxx
Subject: Re: Why is privateKeyUsagePeriod deprecated?
From: pgut001@xxxxxxxxxxxxxxxxx (Peter Gutmann)
Date: Fri, 25 Jul 2003 21:02:37 +1200
Cc: d.w.chadwick@xxxxxxxxxxxxx, ietf-pkix@xxxxxxx, kent@xxxxxxx
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx

Tom Gindin <tgindin@xxxxxxxxxx> writes:

  The validity period for a certificate is the period of time from notBefore
  through notAfter, inclusive.  When an RP is validating the signature on a
  document which claims to have been signed or produced at a given past time,
  the RP SHOULD proceed with the verification of the signature if that time is
  within the validity period even though the time of verification is outside
  it. If the RP requires authoritative proof either of the time at which the
  document was signed or of the certificate's not having been revoked, it MAY
  reject the signature.

That works for me.  Russ, any chance of getting this added to bride-of-3280?

Peter.

Follow-Ups:
- Re: Why is privateKeyUsagePeriod deprecated?
  - From: Russ Housley
- Re: Why is privateKeyUsagePeriod deprecated?
  - From: Stephen Kent

Prev by Date: RE: Microsoft and multi-valued RDNs (was: draft minutes)
Next by Date: Re: I-D ACTION:draft-ietf-pkix-certpathbuild-00.txt
Previous by thread: RE: Re: Why is privateKeyUsagePeriod deprecated?
Next by thread: Re: Why is privateKeyUsagePeriod deprecated?
Index(es):
- Date
- Thread