
optional fields in time stamp responses.



It seems to me that a lot of fields in a time stamp response
or dcs response can be avoided by using signed/authenticated
attributes. 

For example the time can be replaced by a signing time attribute.

In general I believe that an attribute that contains a cms
document plus a description/pointer would be very useful:

- The responses from TDAs are just signed documents.

- You want to include DCS token cpkc for your signature
  cert and another for possession of data in the signature
  of the data. 

- In an ess three-way signed/encrypted/signed structure, one
  might add a dcs validation response for the encryption
  cert to indicate the recipient's dcs server 'authorisation'
  to use the encryption key.

Otherwise each application protocol like time stamping or dcs can
define its own oid (which would be necessary anyway for ocsp
responses).

Thoughts?
PS