[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: validity time suggestion

> An option for a certificate validity period could be "valid until event X
> occurs" (the example event used was the commit or abort of a transaction).
> This sounds like a fine idea to me.
> Reactions?

Good idea as long as you can figure out how to name "event X" in an
unambiguous way (so that certificate evaluators can know when to
approve/deny/give up).

I also think you might want a "not valid after time T" in some cases
as well.

Conceptually, in this scheme, you can implement CRL's as a "valid
until xxx appears in a CRL issued by CA"

					- Bill