Re: X.500 databases for holding certs

I don't mean to criticise the Mitre work, for I know nothing about it. But
X.500 is clear intended to be a means of distributing certificates and CRLs,
not as a corporate database

In my view, any signed messages that are received should be archived along with
the complete chain of certificates and a current CRL. A centralized corporate
facility for doing that is a nice idea, but rather independent of the
distribution problem, unless we were to decide that it would be best if the CA
were to archive all past certificates and CRLs and make them available by an
on-line request (whether X.500 based or other).

Bob

<Prev in Thread]	Current Thread	[Next in Thread>
re:X.500 databases for holding certs, warwick (w.s.) ford Re: X.500 databases for holding certs, Jueneman <= Re: X.500 databases for holding certs, Valdis . Kletnieks Re: X.500 databases for holding certs, CRAFFORD_CHRIS

Previous by Date:	Re: MD Algorithm for v3 Certificates, Donald E. Eastlake 3rd
Next by Date:	Certificates, DNs, etc., Amanda Walker
Previous by Thread:	re:X.500 databases for holding certs, warwick (w.s.) ford
Next by Thread:	Re: X.500 databases for holding certs, Valdis . Kletnieks
Indexes:	[Date] [Thread] [Top] [All Lists]