[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Displaying an X.509 certificate

To: "ietf-pkix@xxxxxxxxxx" <ietf-pkix@xxxxxxxxxx>, "'denny@xxxxxxxxxxxxxxxxxx'" <denny@xxxxxxxxxxxxxxxxxx>
Subject: RE: Displaying an X.509 certificate
From: Peter Williams <peter@xxxxxxxxxxxx>
Date: Thu, 21 Nov 1996 09:40:06 -0800

This is highly touchy subject!

For several legal reasons there are needs to "document"
a certificate. There is a formal notation system for
ASN.1 values, fortunately, as there are for
ASN.1 types. Its been my recommendation to
date that one uses this formalism as
it has international recognition, and therefore
a certain legal standing because of that
concensus, review, and voting procedure.

Whilst ASN.1 value notation may suit court proceedings, the particular
form, arguably, does not suit residential consumers - from
the perpective of their fully understanding what
is being presented. But, looking at EDI, SPKI, PGP and ASN.1
certs, I dont think anyone of these forms will ever fit that bill, however. 

next. The world is no longer reduced to American ascii character
sets, and in an international setting such as the
internet, any popular consumer format really has to embrace
multi-byte char sets, especially when these chars are used 
to signal peoples names. ASN.1 has the benefit (and deliberate design) that
its value notation is flexible enough to present strings in
particular char sets natively (human readable form!), not in
encoded octet form.

I think it would be useful for PKIX to establish an Internet
presentation format for Internet PKI certs, which does not rely on encoding
forms. Elements of the above would all be useful as starting point.

(its worth noting that the legally-relevant EDI messaging and
trusted third-party msg delivery industry has not demonstrated
huge legal/consumer problems with its estoteric, highly-computer-centric
encoding and data presentation formats; but then its not your residential
consumer who has very often been the intended recipient of the service)

Peter.

 
----------
From: 	denny@theory.lcs.mit.edu
Sent: 	Wednesday, November 20, 1996 6:44 PM
To: 	ietf-pkix@tandem.com
Subject: 	Displaying an X.509 certificate




Does anyone know where I can find a program that, given an X.509 certificate, will
display its fields and their values in some human-readable form?



Thanks,

Gillian Elcock

Prev by Date: Re: Betr.:: Delivery-Report (failure) for deane.erwin@gsa.gov
Next by Date: Re: Displaying an X.509 certificate
Previous by thread: Displaying an X.509 certificate
Next by thread: Re: Displaying an X.509 certificate
Index(es):
- Date
- Thread