[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: NEW Data type for certificate selection ?

To: "Dwight Arthur" <dwightarthur@xxxxxxxxxxxxxx>, "Stefan Santesson" <stefan@xxxxxxxxxxx>, "Alan Lloyd" <Alan.Lloyd@xxxxxxxxxxxxxxxxxxxx>, <ietf-pkix@xxxxxxx>, <list@xxxxxxxxxxxxxxxxx>, <cert-talk@xxxxxxxxxxxxxxxxxx>
Subject: RE: NEW Data type for certificate selection ?
From: "Phillip M Hallam-Baker" <pbaker@xxxxxxxxxxxx>
Date: Fri, 9 Oct 1998 16:09:16 -0400
Importance: Normal
In-reply-to: <>
Sender: owner-ietf-pkix@xxxxxxx

> Note that I am _not_ advocating roles or authorizations in the 
> certificate.
> I am advocating policies, represented by OIDs, that specify issues like
> acceptable uses of certificates, applicable communities of interest, etc.
> where all subjects, issuers, and authorized relying parties are bound by
> contract to the policy.

A very important distinction. If there is a private agreement to recognize
a particular OID as having a specific semantics the extension is logically
a simple reference to a commonly agreed standard. 

The problem comes in attempting to create public standards for such
agreements ab initio. Clearly private agreements can be widely adopted
and evolve into public standards through use and convention. It is
very hard to invent public conventions however.

You may be interested in the eTerms project of the ICC which is essentially
a third party repository into which terms of this nature can be deposited.


		Phill

References:
- RE: NEW Data type for certificate selection ?
  - From: Dwight Arthur

Prev by Date: RE: Common misconception #10. was RE: NEW Data type forcertificate
Next by Date: RE: Common misconception #10. was RE: NEW Data type forcertificate
Previous by thread: RE: NEW Data type for certificate selection ?
Next by thread: RE: NEW Data type for certificate selection ?
Index(es):
- Date
- Thread