[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: certificate chains

To: Carl Ellison <cme@cybercash.com>, spki@c2.org
Subject: Re: certificate chains
From: frantz@netcom.com (Bill Frantz)
Date: Tue, 16 Jul 1996 22:11:34 -0700

At  4:45 PM 7/15/96 -0400, Carl Ellison wrote:
>over on ssl-talk, Peter Williams asked:
>
>>Can the Netscape products detect circularities and redundancies
>>in cert chains?
>...
>
>That's something we will need to keep in mind as we write verifying code.

There is a simple algorithm which will keep you out of trouble with
circular chains.  It involves having two pointers into the chain.  Whenever
the first pointer advances two steps, the second pointer advances one step.
 If the pointers are ever equal, then the chain is a loop.

-------------------------------------------------------------------------
Bill Frantz       | The Internet may fairly be | Periwinkle -- Consulting
(408)356-8506     | regarded as a never-ending | 16345 Englewood Ave.
frantz@netcom.com | worldwide conversation.    | Los Gatos, CA 95032, USA

Prev by Date: Re: Ideas from the I&A Forum
Next by Date: Re: Ideas from the I&A Forum (DCE file permissions)
Prev by thread: certificate chains
Next by thread: Re: one possible motivation for X.509
Index(es):
- Main
- Thread