[Top] [All Lists]

RE: Request change in son-of-rfc2633

2003-10-28 21:23:20


>Further, if there is a collision, an implementation can try the very small
>number of public keys that have the same identifier.

How does it know when to stop looking for more certs?  For example, what if it
can only find one cert and it's the wrong one?

If the key identifier is computed from the public key as recommended by RFC 3280, the odds are quite small. So, if the first certificate located is not the right one, search for another. If one is not located, then return an error.


<Prev in Thread] Current Thread [Next in Thread>