[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Validity periods can be handled more explicitly
Q. "What's in a name? A rose by any other name would smell as sweet..."
A. But a chrysanthemum would be easier to spell. Bob J.
I was merely repeating the usage of the previous questioner, not attempting
to define a concept that is somewhat metaphysical.
For the purpose at hand, equating "identity" with a well-qualified, globally
unique name is adequate.
Whether I change identities, or merely roles, if I change jobs, move to my
summer place at the beach, or get married and change my name, I'll leave
for the philosphers to decide.
>At 11:15 AM 10/31/97 -0700, Bob Jueneman wrote:
>>b. The identity (and other attributes) contained in a certificate do not
>>"expire", because they are only represented as being valid as of a single
>>instant in time, in the first place, i.e., as of the time the certificate
>>was issued. There is _no_ positive duty or obligation placed on a CA to
>>maintain a continual awareness of the status of the identity of the user
>>report such to potential relying parties, nor any of the other attributes
>>the certificate, for that matter. Likewise, there is no legal obligation
>>placed on the user to notify his CA of a change of name, address, or other
>>attributes, including identity. From a legal perspective, if you had a
>>given identity on that date, then you had it.
> you're using the word "identity" here as if you knew what you mean by it
>but you haven't defined it. Can you?
> [I know, it's my soap-box issue: that folks use the word without defining