W3C home > Mailing lists > Public > public-xg-webid@w3.org > April 2011

short life certs from server cert endpoints

From: peter williams <home_pw@msn.com>
Date: Wed, 13 Apr 2011 02:16:43 -0700
Message-ID: <SNT143-ds14347A54A0F239713D9AD792AA0@phx.gbl>
To: "'WebID XG'" <public-xg-webid@w3.org>
In rest it makes sense for a service to consume a webid, then mint a short
life cert that it expects  the next ssl handshake to quote back to it.


Assuming server cert has certsigning key usage , server-cum-ca could chain
said cert to its own server cert chain. The client sends it back to the
server in ssl handshake to assert session, or releases it to others as a
kind of idp token.


Received on Wednesday, 13 April 2011 09:17:17 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:44 UTC