[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certificate requests for encryption keys

To: BJUENEMAN@xxxxxxxxxx, keith@xxxxxxxxxxxx
Subject: Re: Certificate requests for encryption keys
From: "Brian M. Thomas" <bt0008@xxxxxxxxxxxxxxx>
Date: Tue, 8 Jun 1999 13:48:58 -0500 (CDT)
Cc: ietf-pkix@xxxxxxx
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

An EE's assertion is both necessary and sufficient to bind an
encryption key to itself.  There is therefore neither need nor
justification for a CA's involvement.  As to someone else's
authorization to use that key for encryption (as in key recovery
scenarios) that is another matter, and only meaningful if the CA is
also the authority (e.g.  employer) authorizing it to be used for that
purpose.

brian

Brian Thomas, CISSP - Distributed Systems Architect  bt0008@sbc.com
Southwestern Bell                                    bthomas@primary.net
One Bell Center,  Room 34G3                          Tel: 314 235 3141
St. Louis, MO 63101                                  Fax: 314 235 0162

Follow-Ups:
- Re: Certificate requests for encryption keys
  - From: Stephen Kent

Prev by Date: Re: Summary, was Re: Every time ..., was Re: General formula
Next by Date: Re: Certificate requests for encryption keys
Previous by thread: Re: Certificate requests for encryption keys
Next by thread: Re: Certificate requests for encryption keys
Index(es):
- Date
- Thread