[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Low-fat leaf certificates

To: Anders Rundgren <anders.rundgren@xxxxxxxxxx>
Subject: Re: Low-fat leaf certificates
From: Denis Pinkas <Denis.Pinkas@xxxxxxxx>
Date: Thu, 08 Apr 1999 11:23:08 +0200
Cc: "'ietf-pkix@xxxxxxx'" <ietf-pkix@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Organization: Bull
References: <>
Sender: owner-ietf-pkix@xxxxxxx

Anders,

Your E-mail got burried under hundred of other E-mails. Sorry for the delay to respond.

You misunderstood my talk. I am advocating against numerous extensions to certificates that could be
handled generically by "administrative" certificates that contain information valid for a large number of
leaf certificates.

So the topic you address is unrelated.

Regards,

Denis


> David,
> Just to make sure that you don't misunderstand me:
>
> I am VERY much in favor of your "Low-fat leaf certificates".
>
> That is what CyberPhone is all about.  A CyberID SUBJECT is
> supposed to consist of just two items:
>
> 1)  "Name"  (an alias/friendly name [as you are allowed to change name without changing "e"-identity])
>
> 2) "dnQualifier"  (a static [probably random] unique identifier in the domain)
>
> It is hard to get much slimmer than that!
>
> But a "low-fat" cert may have a "fat" cousin cert that does the dirty work in the
> rare situations that requires it.  And if they can share a common format life will
> be simpler than if all "fat" data has to be handled "out-of-band" instead of in
> nice "structured signed and certified containers of data"
>
> Regards
> Anders
> http://www.mobilephones-tng.com

References:
- Low-fat leaf certificates
  - From: Anders Rundgren

Prev by Date: Re: CA vs. EE cert processing
Next by Date: Re: Time Stamping: comments on nonce field
Previous by thread: Low-fat leaf certificates
Next by thread: Re: Low-fat leaf certificates
Index(es):
- Date
- Thread