[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: one possible motivation for X.509

To: Carl Ellison <cme@cybercash.com>, bjb@trsvr.tr.unisys.com
Subject: Re: one possible motivation for X.509
From: drummond@Onramp.NET (Rik Drummond)
Date: Fri, 19 Jul 1996 12:35:35 -0500
Cc: spki@c2.org

...text deleted....
>
>DNs perform no useful purpose for me, the verifier.  For a (name,key)
>binding to mean anything to me, the name must be in my name space.  A DN is
>in the CA's name space.  That means that to use a CA's (name,key) binding, I
>need a mapping from the DN to my name (nickname) for the entity in question.
>I have to get that mapping over a secure channel.  If I have to go to that
>trouble, then I can get the public key hash rather than the DN over that
>channel and I won't have needed the DN.

Nice discussion....Why do I need to "get the that mapping over a secure
channel"? The point is not clear to me.....later...Rik


------------------------------------------------------
|         Rik Drummond - The Drummond Group         |
|   5008 Bentwood Ct., Ft. Worth, TX 76132 USA  |
|        Voice: 817 294 7339    Fax: 817 294 7950     |
------------------------------------------------------

Follow-Ups:

Re: one possible motivation for X.509

From: Bill Sommerfeld <sommerfeld@orchard.medford.ma.us>

Prev by Date: Re: one possible motivation for X.509
Next by Date: Re: one possible motivation for X.509 -Reply -Reply
Prev by thread: Re: one possible motivation for X.509
Next by thread: Re: one possible motivation for X.509
Index(es):
- Main
- Thread