Re: Signer certificate discovery for CRLs

To: Stefan Santesson <stefans@xxxxxxxxxxxxx>
Subject: Re: Signer certificate discovery for CRLs
From: Denis Pinkas <Denis.Pinkas@xxxxxxxx>
Date: Wed, 27 Oct 2004 09:31:30 +0200
Cc: pkix <ietf-pkix@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-id: <ietf-pkix.imc.org>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: Bull SA.
References: <>
Sender: owner-ietf-pkix@xxxxxxxxxxxx
User-agent: Mozilla/5.0 (Windows; U; Win98; en-US; rv:1.0.1) Gecko/20020823 Netscape/7.0

Stefan,

Denis,

<snip>

Use of AIA in CRLs would be one way to do it, while the use of SIA
in CA certificates is the other way.

I'm pleased to read that you acknowledge AIA in CRLs as a valid option.
That is all I ask for.

I'm pleased to read that you noticed that AIA *would be an option* since I used "would be" in the case of AIA and "is" in the case of SIA:

Use of AIA in CRLs *would be* one way to do it, while the use of SIA
in CA certificates *is* the other way.  :-)

Denis

Stefan Santesson
Microsoft Security Center of Excellence (SCOE)

References:
- RE: Signer certificate discovery for CRLs
  - From: Stefan Santesson