[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

certificate chains

To: spki@c2.org
Subject: certificate chains
From: Carl Ellison <cme@cybercash.com>
Date: Mon, 15 Jul 1996 16:45:57 -0400
Sender: owner-spki@c2.org

over on ssl-talk, Peter Williams asked:

>Can the Netscape products detect circularities and redundancies
>in cert chains?

I think that's a fine question.

For SPKI certs, as long as people don't use

MAY-DELEGATE: *

throughout there is no chance for a certificate loop, but if everyone uses
(*) there is.

That's something we will need to keep in mind as we write verifying code.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                              http://www.cybercash.com/    |
|207 Grindall Street           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103       T:(410) 727-4288     F:(410)727-4293        |
+--------------------------------------------------------------------------+

Prev by Date: Re: epiphany
Next by Date: Re: epiphany
Prev by thread: man-in-the-middle attacks
Next by thread: Re: certificate chains
Index(es):
- Main
- Thread