[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SKIP: Fixes to certificate discovery protocol
-----BEGIN PGP SIGNED MESSAGE-----
Teodora Ngo wrote:
>
> > Master Key-ID - this is the identifier as described in the section on
> > Master Key-IDs. It's length is dependent on the value
> > of the NSID field. It is only used when requesting
> > certificates with a specific master key-id from another
> > entity. The requester may set this to zero (0) in which
> > case the receiver should consider the request for ALL
> > certificates. The responder should always set this
> > field to zero (0).
>
> Suggestion : The responder should retain the same Master Key-ID so
> one can match a certificate response to its certificate request.
> There can be multiple outstanding certificate requests.
I assume ?! that each certificate in the response contains its appropriate
master ID.
> There is only one Master Key-ID, Why do you need NSID with each certificate ?
> Is the intent to associate each certificate with a Key-ID ? If so,
> then you need both NSID and Master Key-ID with each certificate.
Yeah! Now, is it in the certificate, or not ?
/gec
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMJArVLH8jId7euXhAQGI2QP+JlCxnAYz3uiFRgS6CMTzyUNhjooKmP/C
YDJjwv5MzgufEE0OR9BYW46b+MVyOmqS+/FvKcU2/FHBYdatLVB8L84c9Uz8Lc4n
ftkRXAiVNtoyFL1EVHRELmKWyIS+vNC43+4OMtqD1QslQzc/mW3WaOv+RZ8zEbFh
jjxlUjxFW0k=
=kM0R
-----END PGP SIGNATURE-----
Follow-Ups:
References: