Should a service provider returns ValidReason even the key binding is invalid? For instance, is the following valid? <xkms:Status StatusValue="xkms:Invalid"> <xkms:ValidReason>xkms:IssuerTrust</xkms:ValidReason> <xkms:ValidReason>xkms:Signature</xkms:ValidReason> <xkms:IndeterminateReason>xkms:RevocationStatus</xkms:IndeterminateReason> <xkms:InvalidReason>xkms:ValidityInterval</xkms:InvalidReason> </xkms:Status> This is a result from a Validate request of an expired X.509 cert, where the service provider successfully verified issurer trust and the signature, but was unable to obtain CRL from the issuer. Regards, YunhaoReceived on Wednesday, 20 October 2004 23:30:16 GMT
This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 20 September 2007 14:31:02 GMT