RE: Purpose of CRL from Gregor Karlinger on 2001-09-21 (w3c-ietf-xmldsig@w3.org from July to September 2001)

From: Gregor Karlinger <gregor.karlinger@iaik.at>
Date: Fri, 21 Sep 2001 11:43:08 +0200
To: "Christian Geuer-Pollmann" <geuer-pollmann@nue.et-inf.uni-siegen.de>, "Gregor Karlinger" <gregor.karlinger@iaik.at>
Cc: <w3c-ietf-xmldsig@w3.org>
Message-ID: <LBEPJAONIMDADHFHAEAOKEBECJAA.gregor.karlinger@iaik.at>

> >> What do _your_ applications do with X509 CRLs? Do you collect all
> >> CRLs into
> >> a file and check new chertificates against the sum of all CRLs ?
> 
> > IXSIL has an interface to a "trust management system". If IXSIL
> > detects CRLs, they are provided to the TMS over this interface.
> > Later in the process IXSIL requests a decision wheter a certain
> > certificate is trusted by the TMS. What the TMS does with the
> > provided CRLs, is in its own responsability.
> 
> OK, that's what I thought, too. Do there already exist standards to 
> interfaces to TMS like XKMS or do you leave this to your app (simply a 
> addCRL(CRL) and checkAgainstTMS(X509Certificate) interface) ?

The interface is defined by IXSIL, i.e. its the kind you have 
described above.

Liebe Gruesse/Regards, 
---------------------------------------------------------------
DI Gregor Karlinger
mailto:gregor.karlinger@iaik.at
http://www.iaik.at
Phone +43 316 873 5541
Institute for Applied Information Processing and Communications
Austria
---------------------------------------------------------------

Received on Friday, 21 September 2001 05:43:24 UTC