[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

questions about draft-ietf-pkix-certstore-http-08

To: <pgut001@xxxxxxxxxxxxxxxxx>, <ietf-pkix@xxxxxxx>
Subject: questions about draft-ietf-pkix-certstore-http-08
From: Cullen Jennings <fluffy@xxxxxxxxx>
Date: Fri, 15 Oct 2004 11:47:19 +0200
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Microsoft-Entourage/11.0.0.040405


First of all let me say, I really like this and have for a long time - I'm
really glad to see the IESG last call on it.

I'm not exactly sure if I understand what the uri attribute matches. I want
something that matches any one of the entries in the SubjectAltName list.

In section 2.2 when using the uri attribute, I assume that if a certificate
had a SubjectAltName with a two URI's of say im:alice@xxxxxxxxxxx and
xmpp:alice@xxxxxxxxxxx, if I did a query (with appropriate escaping which I
did not do below) of

GET /search.cgi?uri=im:alice@xxxxxxxxxxx HTTP/1.1

that it would find this cert. Do I have this correct?

Thanks, Cullen

Prev by Date: RE: Signer certificate discovery for CRLs
Next by Date: RE: Signer certificate discovery for CRLs
Previous by thread: Effect of adding an attribute to CSR
Next by thread: CFP 2005 PKI R&D Workshop - Deadline soon
Index(es):
- Date
- Thread