[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Subject: RE: Trust Anchor/Registry Security
Yep, we are not mandating any implementation. And the registry operator would most probably use an existing PKI implementation and/or libraries. We just say that the certificate chain, validity, CRLs and any other schemes to authenticate and validate a certificate need to be done. cheers > -----Original Message----- > From: rsalz@[161.58.16.59] [mailto:rsalz@[161.58.16.59]]On Behalf Of > Rich Salz > Sent: Tuesday, January 16, 2001 12:31 PM > To: Steve Hanna > Cc: Krishna Sankar; ebxml-ta-security@lists.ebxml.org; ebXML-Regrep > Subject: Re: Trust Anchor/Registry Security > > > Steve's right, of course, that properly verifying a certificate's > validity > (and path -- that is, identity) are a lot of work. > > For this reason, I would really like us to leave it as an implementation > issue. Referring to the IETF RFC (2459 and its successor(s)) for a > discussion of the issues involved is a good idea. > /r$ >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [Elist Home]
Powered by eList eXpress LLC