[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: certificate chains

At  4:45 PM 7/15/96 -0400, Carl Ellison wrote:
>over on ssl-talk, Peter Williams asked:
>>Can the Netscape products detect circularities and redundancies
>>in cert chains?
>That's something we will need to keep in mind as we write verifying code.

There is a simple algorithm which will keep you out of trouble with
circular chains.  It involves having two pointers into the chain.  Whenever
the first pointer advances two steps, the second pointer advances one step.
 If the pointers are ever equal, then the chain is a loop.

Bill Frantz       | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506     | regarded as a never-ending | 16345 Englewood Ave.
frantz@netcom.com | worldwide conversation.    | Los Gatos, CA 95032, USA