W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2001

RE: Purpose of CRL

From: Christian Geuer-Pollmann <geuer-pollmann@nue.et-inf.uni-siegen.de>
Date: Fri, 21 Sep 2001 11:30:54 +0200
To: Gregor Karlinger <gregor.karlinger@iaik.at>
Cc: w3c-ietf-xmldsig@w3.org
Message-id: <344474537.1001071854@pinkpanther>
Hi Gregor,

>> What do _your_ applications do with X509 CRLs? Do you collect all
>> CRLs into
>> a file and check new chertificates against the sum of all CRLs ?

> IXSIL has an interface to a "trust management system". If IXSIL
> detects CRLs, they are provided to the TMS over this interface.
> Later in the process IXSIL requests a decision wheter a certain
> certificate is trusted by the TMS. What the TMS does with the
> provided CRLs, is in its own responsability.

OK, that's what I thought, too. Do there already exist standards to 
interfaces to TMS like XKMS or do you leave this to your app (simply a 
addCRL(CRL) and checkAgainstTMS(X509Certificate) interface) ?

Received on Friday, 21 September 2001 05:28:59 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 21:21:36 UTC