- From: Hallam-Baker, Phillip <pbaker@verisign.com>
- Date: Wed, 16 Oct 2002 11:23:53 -0700
- To: "Www-Xkms (E-mail)" <www-xkms@w3.org>
Received on Wednesday, 16 October 2002 14:22:04 UTC
I think we need to add in something here to state exactly what a key binding really is. I think that we need to state that a key binding may be an entirely iundependent entity or may be bound to other entities defined in an underlying PKI and reflect the status of those entities - this is up to the issuer to decide. So if a key binding is reflecting the status of an X.509 cert and the cert is revoked by any means then the key binding is automatically revoked. I think this clarification will also help the policyidentifier definition.
Received on Wednesday, 16 October 2002 14:22:04 UTC