- From: Thomas Roessler <tlr@w3.org>
- Date: Fri, 4 Apr 2008 16:35:41 +0200
- To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
- Cc: 'W3 Work Group' <public-wsc-wg@w3.org>
On 2008-04-04 15:29:00 +0100, Stephen Farrell wrote: > - If an RP is doing relaxed path validation, then it can ignore > the current time when considering notBefore and notAfter fields. > > I'd be open to allowing non-overlapping validity periods in cert > paths when doing relaxed path validation, but there's probably no > point if the underlying crypto APIs already insist on some overlap. > (Which I think is the case, can't recall really.) The additional question here is whether relaxed path validation should be permissible for any validated certificate, or maybe prohibited for augmented assurance? -- Thomas Roessler, W3C <tlr@w3.org>
Received on Friday, 4 April 2008 14:36:16 UTC