[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
certificate which has both AIA and CRL DPs
Hello
I would like to generate a certificate which has
both AIA and CRL DPs.
Question1 : In RFC2459 specification, is this
certificate legal or illegal ?
Question2 : If this certificate is legal, how does it describe the
order of priority to process those extensions?
For example,
------------------------------------------------
1st. OCSP server-1
2nd. OCSP server-2
3rd. CRL DP-1
4th. CRL DP-2
or
1st. OCSP server-1
2nd. CRL DP-1
3rd. OCSP server-2
4th. CRL DP-2
etc ...
------------------------------------------------
Is a new extension(or any scheme) which describes the
list of these priorities needed?
like this
LIST {
1st use AIA's 1st element,
2nd use CRL DPs 1st element,
3rd use "other method",
4th use AIA's 2nd element,
5th use CRL DPs 2nd element,
etc ...
}
Please, can anyone help?
Hioryuki Sakakibara
=========================================
Hiroyuki Sakakibara
Research Engineer
Information Security Department
Mitsubishi Electric Corporation
Information Technology R&D Center
5-1-1 Ofuna, Kamakura, Kanagawa, 247-8501, Japan
PHONE: +81-467-41-2183
FAX: +81-467-41-2185
==========================================