[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Thoughts on the draft
This may be a duplicate; my mailer crashed as I was sending it the first time.
> In message <199608282138.QAA16422@entropy.sbc.com>, "Brian M. Thomas" writes:
> >The philosophy we have been espousing is that every privilege is
> >explicitly issued by one principal to another. Yes, this does cause
> >certificates to proliferate, but we tend to like this, because it more
> >closely constrains the meaning of each certificate.
> It all comes down to that then. I wonder how the rest of the group
> feels about it. I can see pros and cons in it, so maybe some rough
> poll is in order ?
I would certainly like to hear some discussion on this, since it really
involves what to my mind are some basic structural and philosophical
issues. Anyone with an opinion, speak up.
> However, given that there is support for DUAL-SIGs, it wouldn't be too
> much trouble adding support for multiple signatures. Also, since there
> will be 2 signatures even in the current certificate format, you
> probably need some additional field in the SIGNATURE attribute to
> indicate the key.
> - -Angelos
If there is a second signature, the key is that of the subject, which is
already in the certificate.
Brian Thomas - Distributed Systems Architect email@example.com
Southwestern Bell firstname.lastname@example.org
One Bell Center, Room 23Q1 Tel: 314 235 3141
St. Louis, MO 63101 Fax: 314 331 2755