[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: generation of private keys

To: ietf-pkix@xxxxxxx
Subject: Re: generation of private keys
From: Stefan Kelm <kelm@xxxxxxxxxx>
Date: Tue, 8 Dec 1998 19:22:29 +0100 (MET)
Reply-to: ietf-pkix@xxxxxxx
Sender: owner-ietf-pkix@xxxxxxx

> After all this discussion of whether it would be possible to cope with
> a CA that doesn't do POP, it still isn't clear to me why that would be
> a USEFUL option.
>
> If it adds no value, don't do it.  Especially since it introduces a
> security hazard.
>
> Could you give an example where having a non-POP CA is a thing of
> significant value?

Well, it seems that we're drifting away from my initial suggestion. I
conclude that there's no general interest in adding an extension, right?

Cheers,

        Stefan.

______________________________________________________________________________
Stefan Kelm            PGP key: "finger kelm@www.pca.dfn.de" or via key server
DFN-PCA, University of Hamburg                               <kelm@pca.dfn.de>
Vogt-Koelln-Str. 30                               http://www.pca.dfn.de/~kelm/
22527 Hamburg (Germany)          Tel: +49 40 5494 2262 / Fax: +49 40 5494 2241

Prev by Date: POP profile in CRMF /Was Re: generation of private keys
Next by Date: tagged CHOICEs in CRMF ASN.1
Previous by thread: POP profile in CRMF /Was Re: generation of private keys
Next by thread: FW: Minor confusion in PKIX part 1, section 7.3.3
Index(es):
- Date
- Thread