[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: CRLs versus short Validity periods

To: "Graham Finlayson" <graham@amanda.worldtalk.com>
Subject: Re: CRLs versus short Validity periods
From: cme@cybercash.com (Carl Ellison)
Date: Fri, 1 Mar 1996 02:03:46 -0500
Cc: spki@c2.org
Sender: owner-spki@c2.org

At 11:27 2/29/96, Graham Finlayson wrote:

>However, there are applications for which the CRLs result in a
>performance advantage.
>
>e.g. I am Sears. I accept MasterCard short-life certificates and can
>renew these certificates for the owner. I deal with a large number of
>certificate validations (and hence renewals in a day) . If I have to go to the
>issuer (MasterCard) to renew each certificate for a fraction of these
>people, this
>results in a lot of network traffic compared to MasterCard
>distributing the CRL, or better still a CRL update, every two days.

I'm intrigued.  Are you saying that Sears is, in effect, issuing its
own certificates for MasterCard?  If you're counting on CRLs, I have to assume
that the MC certs are long-life [e.g., 1 year] -- but you referred to
short-life certs.

Can you describe this operation in more detail?

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |
+--------------------------------------------------------------------------+

Prev by Date: Re: going back to stone axes
Next by Date: Re: CRLs versus short Validity periods
Prev by thread: RE: CRLs versus short Validity periods
Next by thread: Re: CRLs versus short Validity periods
Index(es):
- Main
- Thread