[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Validity periods can be handled more explicitly
-----BEGIN PGP SIGNED MESSAGE-----
At 11:15 AM 10/31/97 -0700, Bob Jueneman wrote:
>b. The identity (and other attributes) contained in a certificate do not
>"expire", because they are only represented as being valid as of a single
>instant in time, in the first place, i.e., as of the time the certificate
>was issued. There is _no_ positive duty or obligation placed on a CA to
>maintain a continual awareness of the status of the identity of the user and
>report such to potential relying parties, nor any of the other attributes in
>the certificate, for that matter. Likewise, there is no legal obligation
>placed on the user to notify his CA of a change of name, address, or other
>attributes, including identity. From a legal perspective, if you had a
>given identity on that date, then you had it.
Bob,
you're using the word "identity" here as if you knew what you mean by it
but you haven't defined it. Can you?
[I know, it's my soap-box issue: that folks use the word without defining
it.]
- Carl
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNF8rJRN3Wx8QwqUtAQH4IQP/bIW03u0fJCDyFm5gaq+Rf8nuu90O5JMf
zccuaRtwZJcN931zjBRQLKIYvGSGKGsysyHOSi72qm0DnUZKqERlvUg6ZtRiIFm9
1+Oa0Tj+dJTTSrG0ipfdEV0+xI7tWvxZTovg/oJVCR8VU2EXYUzSBGYRIw6R25Wi
eMMKqlPrh1c=
=Pema
-----END PGP SIGNATURE-----
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 08FF BA05 599B 49D2 23C6 6FFD 36BA D342 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+
References: