[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: QC Container-ID (card serial)

To: ietf-pkix@xxxxxxx
Subject: Re: QC Container-ID (card serial)
From: Juergen Brauckmann <brauckmann@xxxxxxxxxxxxxxxxxx>
Date: Wed, 03 Nov 1999 12:09:22 +0100
In-reply-to: <>

At 11:32 03.11.99 +0100, Anders Rundgren wrote:
>>So if you want to express something about where the private key is stored
>>(which could be valuable information in some cases), then I suggest that
>>you use the qcStatataments extension.
>
>>You could define a statement saying "The private key associated with this
>>certificate is protected within a Smart Card that meets requirements
>>defined by FIPS xxxx ....."
>
>I do not agree as statements of the kind you describe cannot easily be
interpreted by
>computers without a lot of secret agreements between RPs and CAs.
>
>For that reason I suggest that this becomes an optional extension that does
>not need "interpretation" .  Like certificate serial numbers.

Disregarding the question whether this is in the scope of the QC profile or
not, I would like to draw your attention to the ICCSN-extension that has
been defined in the German Sig Law Interop Spec:

iCCSN EXTENSION ::= {
     SYNTAX ICCSNSyntax
     IDENTIFIED BY id-sigi-at-iCCSN }

ICCSNSyntax ::= IMPLICIT OCTETSTRING (SIZE(15..23))

id-sigi-at-iCCSN OBJECT IDENTIFIER ::= { 1 3 36 8 3 6 }

Regards,
   Juergen
-- 
Juergen Brauckmann             Tel.:  040 / 8080 26 311
TC Trust Center for Security   Fax.:  040 / 766 29 577
in Data Networks GmbH 	    mailto:Brauckmann@trustcenter.de
Am Werder 1    		    http://www.trustcenter.de	
21073 Hamburg

References:
- Re: QC Container-ID (card serial)
  - From: Anders Rundgren

Prev by Date: Re: QC Container-ID (card serial)
Next by Date: RE: QC certificates and Nationality
Previous by thread: Re: QC Container-ID (card serial)
Next by thread: RE: QC Container-ID (card serial)
Index(es):
- Date
- Thread