W3C home > Mailing lists > Public > w3c-ietf-xmldsig@w3.org > July to September 2002

Array of Certificates

From: Asad <asadkhan@cmcltd.com>
Date: Mon, 8 Jul 2002 09:15:00 -0400
To: <w3c-ietf-xmldsig@w3.org>
Message-Id: <200207080915.00866.asadkhan@cmcltd.com>
Hi all,
    I want to place more than one certificate in the X509Data
 element(Signer Certificate and its corresponding chain of certificates). 
Is it mandatory to place all the certificates in order, ie signer
 certificate first and followed by its CA and so on, or can I place the
 certificates in any order.

and also I want to know ,while signature verification, If I receive a chain
 of certificates, should I take the certificate placed first as the signer
 certificate, or should I do any checking using the
 X509IssuerSerial/X509SKI element to determine where the signer certificate
 is. 
Thanks in advance
regards
Asad




Received on Monday, 8 July 2002 09:15:02 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 20:10:10 UTC