[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Validity periods can be handled more explicitly

Q.  "What's in a name?  A rose by any other name would smell as sweet..." 
Bill S.

A.  But a chrysanthemum would be easier to spell.  Bob J.

I was merely repeating the usage of the previous questioner, not attempting
to define a concept that is somewhat metaphysical.

For the purpose at hand, equating "identity" with a well-qualified, globally
unique name is adequate.

Whether I change identities, or merely roles, if I change jobs, move to my
summer place at the beach,  or get married and change my name, I'll leave
for the philosphers to decide.

>At 11:15 AM 10/31/97 -0700, Bob Jueneman wrote:
>>b.  The identity (and other attributes) contained in a certificate do not
>>"expire", because they are only represented as being valid as of a single
>>instant in time, in the first place, i.e.,  as of the time the certificate
>>was issued.  There is _no_ positive duty or obligation placed on a CA to
>>maintain a continual awareness of the status of the identity of the user
>>report such to potential relying parties, nor any of the other attributes
>>the certificate, for that matter.  Likewise, there is no legal obligation
>>placed on the user to notify his CA of a change of name, address, or other
>>attributes, including identity.  From a legal perspective, if you had a
>>given identity on that date, then you had it.  
> you're using the word "identity" here as if you knew what you mean by it 
>but you haven't defined it.  Can you?
> [I know, it's my soap-box issue: that folks use the word without defining