[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

updated generalized certificate proposal

Over the weekend, I updated my http://www.clark.net/pub/cme/html/cert.html
to reflect the discussion on this list.  In particular, I added:

1.      optional means for establishing validity [re-validation or CRLs] in
addition to an effective date and an expiration date.

2.      certificate pointers for both Certifying-key and Signed-key:
Certifying-key: pointing to the certificate which gives this key the
authority to say what it's trying to say
Signed-key: pointing to the self-signed certificate which gets revoked if
the key is ever compromised

Does anyone see anything else I should add to the generalized certificate?

 - Carl
Carl Ellison    cme@acm.org     http://www.clark.net/pub/cme