Re: Validity periods can be handled more explicitly

[Bob Jueneman <BJUENEMAN@novell.com>]

Q.  "What's in a name?  A rose by any other name would smell as sweet..." 
Bill S.

A.  But a chrysanthemum would be easier to spell.  Bob J.

I was merely repeating the usage of the previous questioner, not attempting
to define a concept that is somewhat metaphysical.

For the purpose at hand, equating "identity" with a well-qualified, globally
unique name is adequate.

Whether I change identities, or merely roles, if I change jobs, move to my
summer place at the beach,  or get married and change my name, I'll leave
for the philosphers to decide.

Bob
>
>At 11:15 AM 10/31/97 -0700, Bob Jueneman wrote:
>>b.  The identity (and other attributes) contained in a certificate do not
>>"expire", because they are only represented as being valid as of a single
>>instant in time, in the first place, i.e.,  as of the time the certificate
>>was issued.  There is _no_ positive duty or obligation placed on a CA to
>>maintain a continual awareness of the status of the identity of the user
and
>>report such to potential relying parties, nor any of the other attributes
in
>>the certificate, for that matter.  Likewise, there is no legal obligation
>>placed on the user to notify his CA of a change of name, address, or other
>>attributes, including identity.  From a legal perspective, if you had a
>>given identity on that date, then you had it.  
>
>Bob,
>
> you're using the word "identity" here as if you knew what you mean by it 
>but you haven't defined it.  Can you?
>
> [I know, it's my soap-box issue: that folks use the word without defining 
>it.]

---

• Prev by Date: Re: non-repudiation vs. revocation
• Next by Date: Re: Validity periods can be handled more explicitly
• Prev by thread: Re: Validity periods can be handled more explicitly
• Next by thread: Re: Validity periods can be handled more explicitly
• Index(es):
  • Main
  • Thread