|
|
RE: directory enabled certificate status draft: msg#00322ietf.x509
Could either post it to the list (if it is short) or put it on an ftp site somewhere? It is quite likely that the draft will not appear untill after Chicago. Looking at the abstract it appears that you anticipate an extension to the X.500 server model. Will this require vendor support? If the mechanism can be made general there is a much better chance of gaining acceptance. The certificate test and fetch command sounds like it is simply a special case of a more general mechanism. Phill > -----Original Message----- > From: owner-ietf-pkix@xxxxxxx [mailto:owner-ietf-pkix@xxxxxxx]On Behalf > Of Alan Lloyd > Sent: Sunday, August 23, 1998 10:14 PM > To: ietf-pkix@xxxxxxx > Subject: directory enabled certificate status draft > > > Dear all, > I have put together a draft doc - 12 or so pages re this issue. I posted > the request to the IETF drafts list this AM . but due to meetings they > will process sometime soon. > > The abstract is as follows: > > > <draft-ietf-pkix-dir-cert-stat-01.txt> > > > This Internet Draft specifies some proposed enhancements to the X.500 > information schema and matching rules to support Certificate path > processing, certificate status and CRL mechanisms. These enhancements > provide advantages over existing Certificate validation and CRL > mechanisms. In particular, the mechanisms proposed can: > > (a) reduce the need for unnecessarily fetching CRLs; > (b) allow certificate status-CRL evaluation time to be improved; > (c) provide a directory supported certificate test and fetch capability; > (d) better support use of certificates in multiple environments with > different CRL arrangements. > (e) simplify the client software in the areas of certificate path, > certificate validity and CRL processing. > (f) provide the client a range of trust options when validating > certificates. > (g) provide a range of implementation options so that gradual adoption > is possible. > > > .. > > I would like some co authors to assist if possible - and advice re > posting the document to the list. > > The document if adopted will affect the X.509 profile. > > please advise and regards alan > |
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| Previous by Date: | Re: Authentication vs. binding signature, and ephemeral vs.permanent key usage: 00322, Petra Glöckner |
|---|---|
| Next by Date: | Re: Authentication vs. binding signature, and ephemeral vs.permanent key usage: 00322, Simonetti David |
| Previous by Thread: | directory enabled certificate status drafti: 00322, Alan Lloyd |
| Next by Thread: | RE: directory enabled certificate status draft: 00322, Alan Lloyd |
| Indexes: | [Date] [Thread] [Top] [All Lists] |
| News | FAQ | advertise |