[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Is meaning important?

There has been a lot of discussion on this list about the "meaning" of
certificates. It seems to me that this may be beyond the scope of the
specification we are supposed to be working towards (namely, a means to
interchange public keys simply and interoperably).

Of course, there are certain aspects of the meaning which must be established,
in particular the data telling us where and how supporting data for the
certificate may be obtained (for example, the cerificate of the CA).

Could we not make useful progress by ignoring the question of CRLs, trust
models and so on, and concentrating on the interchange aspects of the system?

I'm not saying that these issues do not need to be addressed, just that there
are many uses for certificates, and many different models for verifying them,
all of which could be built on a single interchange methodology (maybe).




Ben Laurie                  Phone: +44 (181) 994 6435
Freelance Consultant and    Fax:   +44 (181) 994 6472
Technical Director          Email: ben@algroup.co.uk
A.L. Digital Ltd,           URL: http://www.algroup.co.uk
London, England.