[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: bootstrap of key-centric binding of person to key

At 15:25 3/4/96, Bill Frantz wrote:

>I would like to further divide the CRL cases into what I will call the
>"Pure Capability" CRLs and the "Revocation Authority" CRLs.  The difference
>is who you have to communicate with to check for Certificate Revocation.
>In the Pure Capability case, the only communication is with that entity
>which implements the authority.  In the Revocation Authority case, there is
>separate communication with some Revocation Authority.


>Does this model resonate with anyone?  Is it interesting enough that I
>should continue to suggest ways of using it?  Or should I just drop it?

Does this differ from assigning one URL for getting certs renewed and a
[potentially] different URL for checking CRLs?

|Carl M. Ellison          cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc., Suite 430                   http://www.cybercash.com/    |
|2100 Reston Parkway           PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Reston, VA 22091      Tel: (703) 620-4200                                 |