[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: QC Container-ID (card serial)
Anders,
Lets agree to the fact that a container ID shouldn't be part of the
subjects name.
So if you want to express something about where the private key is stored
(which could be valuable information in some cases), then I suggest that
you use the qcStatataments extension.
You could define a statement saying "The private key associated with this
certificate is protected within a Smart Card that meets requirements
defined by FIPS xxxx ....."
Then you could add qualifying information expressing the ID of the
container (chip serial number or card serial number or what ever).
And then you are all set.
I will in fact suggest to the European standardization process that a
similar qcStatement should be defined as a response to the ES-directive.
This statement would state that the private key is contained in a secure
signature creation device according to the ES-directive Annex III.
/Stefan
At 07:54 AM 11/3/99 +0000, Anders Rundgren wrote:
>Sorry for bringing this up again but I have not received an answer yet.
>
>
>It is likely that a large part of future QCs will be put in smart cards, be it
>descrete credit-card-sized cards, SIM/WIM cards, or Java Rings etc.
>
>These physical containers always have a serial number or similar that
>I think should be possible to specify in QCs (using a pre-defined identifier)
>to be able to track which container that was used for generating a digital
>signature.
>
>Please....
>
>Anders
-------------------------------------------------------------------
Stefan Santesson <stefan@accurata.se>
Accurata AB http://www.accurata.se
Slagthuset Tel. +46-40 108588
211 20 Malmö Fax. +46-40 150790
Sweden Mobile +46-70 5247799
PGP fingerprint: 89BC 6C79 5B3D 591B 8547 1512 7D11 DBF4 528F 29A0
-------------------------------------------------------------------