[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: PKIX-2 http

To: peter@xxxxxxxxxxxx, gangolli@xxxxxxxxxxxxxxxxxx
Subject: Re: PKIX-2 http
From: Russ Housley <housley@xxxxxxxxxx>
Date: Thu, 02 Oct 1997 16:46:06 -0400
Cc: ietf-pkix@xxxxxxxxxx
In-reply-to: <>
References: <>

Anil and Peter:

We need to agree the MIME type for returning an http resource, and I
suspect that the ones we select will be used by Trevor in the e-mial document.

I propose that we define two types:

	application/pkix-cert
	application/pkix-crl

I suggest the use of "pkix" insepad of "x509" so that an application can be
assured that the PKIX Certificate and CRL Profile is followed.  I suspect
that many programmers will implement to the PKIX profile, not the full
generality of X.509.  If I am wrong, we wasted a lot of time developing a
profile that will be ignored.

Anil, I do not see a reson to distinguish between user and CA certificates
in the MIME type.  In your message, you proposed separate MIME types.
Don't you think that the same software application will process the
certificate?  If so. then the signed information inside the certificate
should be used to determine if it is a CA certificate or a user certificate.

Russ

Follow-Ups:
- Re: PKIX-2 http
  - From: Anil R. Gangolli

References:
- PKIX-2 http
  - From: Peter Williams
- Re: PKIX-2 http
  - From: Anil R. Gangolli

Prev by Date: Re: PKI Modeling
Next by Date: References for sha-1With RSAEncryption
Previous by thread: Re: PKIX-2 http
Next by thread: Re: PKIX-2 http
Index(es):
- Date
- Thread