pem-dev
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Proposed new X.509 certificate. (Was Re: Are X.500 names

1994-02-10 20:33:00
from [warwick (w.s.) ford] [Permanent Link] 
John Lowry writes:

      AttributeCertificates as proposed by X9.30 in fact do NOT contain
      the holder's DN but a pointer (consisting of issuer DN, UID etc.)
     to the holder's key certificate.  (Note that one needs to use a
      DN to lookup and validate the AttributeCertificate issuer as well)


FYI, we have discussed this at this week's X9F1 meeting, and concluded 
that in some cases an attribute should be linked to a key certificate 
and in some cases to a DN.  Hence, X9.30 has been modified to allow a 
choice of DN or {issuer name plus cert. serial no.} as the link.

Warwick
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: IPRA status, Jeffrey I. Schiller
Next by Date:  Re: Re: CA Names, warwick (w.s.) ford
Previous by Thread:  Re:Proposed new X.509 certificate. (Was Re: Are X.500 names, jueneman%wotan
Next by Thread:  DNs with competing DSA providers., jueneman%wotan
Indexes:  [Date] [Thread] [Top] [All Lists]