The only case in which it could arise is if the backing PKI is X.509 and the certificate enquired about is in suspend status. Under X.509v3 rules the certificate is Invalid from the date specified in the CRL to the date of the next CRL. When the next CRL is issued the cert might be reinstated or might still be suspended. Phill Phillip Hallam-Baker FBCS C.Eng. Principal Scientist VeriSign Inc. pbaker@verisign.com 781 245 6996 x227 > -----Original Message----- > From: Joseph Reagle [mailto:reagle@w3.org] > Sent: Tuesday, March 05, 2002 1:42 PM > To: Hallam-Baker, Phillip; 'stephen.farrell@baltimore.ie'; > www-xkms@w3.org > Subject: Re: status of the nation... > > > On Tuesday 05 March 2002 13:02, Hallam-Baker, Phillip wrote: > > In most cases then a responder sending back invalid would > be expected to > > send back a start date with no end date. But it is possible that a > > responder would need to send back invalid with a validity > interval closed > > at both ends. > > Why would that be? What does it mean if it is closed for the time > afterwards? (Regardless, the answer should be documented.) > > -- > > Joseph Reagle Jr. http://www.w3.org/People/Reagle/ > W3C Policy Analyst mailto:reagle@w3.org > IETF/W3C XML-Signature Co-Chair http://www.w3.org/Signature/ > W3C XML Encryption Chair http://www.w3.org/Encryption/2001/ >
Received on Tuesday, 5 March 2002 14:50:59 UTC