
Re: [IETF-PKIX] Multiple certificates for same key?



It is impossible for a CA to establish whether a public key has been used in a
certificate elsewhere.
The public key binds the user to the certificate, but it is the
certificate which holds the CA policy on the use of the certificate, which is
an equally important part of the process.
It is impossible to resolve this issue within the PKI alone. We should
recommend that when generating a signature for non-repudiation purposes
applications must ensure that the identity of the certificate used to sign
is part of the data protected by the signature.
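
The recommendation above, as an added example that is not part of the original message: two certificates for the same key make a signature over the message alone verify under either one, while a signature that also covers a hash of the signer's certificate verifies only under that certificate. The toy RSA key, the certificate byte strings, the sample message and all function names are assumptions constructed for the illustration.

```python
import hashlib

# Toy textbook-RSA key built from two Mersenne primes. Constructed for this
# example only: no padding, not secure, stands in for a real signature scheme.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

# Two constructed "certificates" that certify the SAME public key (N, E)
# but carry different CA policies. Real ones would be DER-encoded X.509.
CERT_A = b"issuer=CA-One;subject=Alice;policy=non-repudiation;key=%d" % N
CERT_B = b"issuer=CA-Two;subject=Alice;policy=authentication-only;key=%d" % N

def cert_id(cert: bytes) -> bytes:
    """Certificate identity: SHA-256 over the whole encoded certificate."""
    return hashlib.sha256(cert).digest()

def _to_int(data: bytes) -> int:
    """Hash the data to be signed and map the digest to an integer below N."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")

def sign_plain(message: bytes) -> int:
    """Signature over the message alone (no certificate identity)."""
    return pow(_to_int(message), D, N)

def verify_plain(message: bytes, sig: int, cert: bytes) -> bool:
    # cert only supplies the key, and both certificates supply the same one.
    return pow(sig, E, N) == _to_int(message)

def sign_bound(message: bytes, signer_cert: bytes) -> int:
    """Signature over cert_id || message, so the certificate is protected too."""
    return pow(_to_int(cert_id(signer_cert) + message), D, N)

def verify_bound(message: bytes, sig: int, cert: bytes) -> bool:
    return pow(sig, E, N) == _to_int(cert_id(cert) + message)

def demo() -> dict:
    msg = b"I agree to pay 100 EUR"  # constructed sample message
    plain, bound = sign_plain(msg), sign_bound(msg, CERT_A)
    return {
        "plain_under_A": verify_plain(msg, plain, CERT_A),
        "plain_under_B": verify_plain(msg, plain, CERT_B),  # policy ambiguous
        "bound_under_A": verify_bound(msg, bound, CERT_A),
        "bound_under_B": verify_bound(msg, bound, CERT_B),  # rejected
    }

if __name__ == "__main__":
    print(demo())
```

In CMS, the ESS signing-certificate signed attribute (RFC 2634) carries a certificate hash for this purpose.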