[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

A question and comment about PKIX - Part 1, Version 11.

To: ietf-pkix@xxxxxxx
Subject: A question and comment about PKIX - Part 1, Version 11.
From: Allen_Rochkind@xxxxxxxx
Date: Mon, 28 Sep 1998 14:55:42 -0700
Sender: owner-ietf-pkix@xxxxxxx

First the question.   In Section 5.2 "CRL Extensions", p. 46, it says:

     "A CRL validation MUST fail if it encounters a critical extension
which it does not know how to process".

My question is exactly what does it means that a "CRL validation fails"?.
Does this mean that the CRL is to be ignored and that any certificates that
might appear on the CRL are not invalidated by the CRL?.  I would suppose
it is that interpretation rather than that a certificate validation fails
if such a CRL is encountered.

And now a minor comment.  I notice that RFC 2044 (on UTF8 strings) has been
obsoleted by RFC 2279.  The comment is just to update the RFC reference in
the spec in Appendix A.1 under UTF8String (p.69).

Follow-Ups:
- Re: A question and comment about PKIX - Part 1, Version 11.
  - From: Russ Housley
- Re: A question and comment about PKIX - Part 1, Version 11.
  - From: Paul Hoffman / IMC

Prev by Date: RE: NEW Data type for certificate selection ?
Next by Date: Re: A question and comment about PKIX - Part 1, Version 11.
Previous by thread: Time Stamp and Notary Drafts
Next by thread: Re: A question and comment about PKIX - Part 1, Version 11.
Index(es):
- Date
- Thread