re:X.509 extensions

Raj:

More seriously, does any one see a need for the following extension to
the SIGNED macro ?

A certificate signature needs to include the serial number of the

signers

public key certificate that can be used to verify it, and (/or) the

date

the signature was generated.


There is an enhanced version of the SIGNED and SIGNATURE macros defined 
in the GULS standard (DIS 11586-1).  These are parameterized types 
(which are a macro replacement construct in the 93 ASN.1 standards) 
called GULS SIGNED and GULS SIGNATURE.  It is expected that these will 
ultimately supercede the X.509 SIGNED and SIGNATURE.

The GULS SIGNED and SIGNATURE correct several deficiencies in the X.509 
SIGNED and SIGNATURE.  One is to include optional fields to convey CA 
name and certificate serial number.

The GULS DIS is currently out for ballot; closing April 7 at ISO level 
(earlier at ANSI level) if anyone wants to look into this more closely.

...Warwick Ford

<Prev in Thread]	Current Thread	[Next in Thread>
X.509 extensions, P. Rajaram X.509 extensions, Jeff Thompson Re: X.509 extensions, Steve Kent Re: X.509 extensions, Dan Nessett re:X.509 extensions, warwick (w.s.) ford <= Re: re:X.509 extensions, jueneman%wotan Re: re:X.509 extensions, Emile Soueid Re: re:X.509 extensions, warwick (w.s.) ford Re: X.509 extensions, Steve Kent

Previous by Date:	Re: CA Names, Steve Kent
Next by Date:	Re: CA Names, Paul C. Clark
Previous by Thread:	Re: X.509 extensions, Dan Nessett
Next by Thread:	Re: re:X.509 extensions, jueneman%wotan
Indexes:	[Date] [Thread] [Top] [All Lists]