W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > January to March 2001

CRL like extensions

From: Donald E. Eastlake 3rd <dee3@torque.pothole.com>
Date: Mon, 22 Jan 2001 11:51:56 -0500
Message-Id: <200101221651.LAA0000041403@torque.pothole.com>
To: w3c-ietf-xmldsig@w3.org
cc: lde008@dma.isg.mot.com 
Hi,

Thinking about this a bit more, I think there is a need for the
ability to add new items inside X509DataType at the same level as
X509CRL.  I base this on the experience of SET, probably the strongest
attempt so far to really design a system with multiple levels of
Certification Authority that actually uses CRLs, etc.  SET found it
necessary to define a new object, the BrandCRLIdentifier, which is as
the same level as a CRL.  (See Secure Electronic Transaction
Specification, Book 2: Programmer's Guide, Part II Certificate
Management, Chapter 5 Certification Revocation List and
BrandCRLIdenftifier, <http://www.setco.org/download.html>.)

Thanks,
Donald

=====================================================================
 Donald E. Eastlake 3rd                      dee3@torque.pothole.com
 155 Beaver Street                                +1 508-634-2066(h)
 Milford, MA 01757 USA                            +1 508-261-5434(w)
Received on Monday, 22 January 2001 11:51:54 GMT

This archive was generated by hypermail 2.2.0 + w3c-0.29 : Thursday, 13 January 2005 12:10:12 GMT