[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Light-weight certificate revocation lists ?

To: Carl Ellison <cme@cybercash.com>
Subject: Re: Light-weight certificate revocation lists ?
From: Bryce <bryce@digicash.com>
Date: Wed, 02 Apr 1997 11:53:32 +0200
Cc: rivest@theory.lcs.mit.edu (Ron Rivest), spki@c2.net, blampson@microsoft.com
In-Reply-To: Your message of "Wed, 02 Apr 1997 00:30:40 CDT." <3.0.1.32.19970402003040.00c756e8@cybercash.com>
Reply-To: bryce@digicash.com


I concur with Carl on this one:  in the limit CRLs are either 
useless or else they are just a list of on-line verification tests.


The normal propagation route for certs will be that the person 
benefiting (usually the Subject) carries them to the person wanting
authorization.  This route isn't very effective for negative certs,
or for CRLs.  :-)


Maybe Ron Rivest's "light-weight CRLs" should be changed to 
"light-weight O-LVT's".


Regards,

Bryce

I am not a cypherpunk.  NOT speaking for DigiCash or any other
person or organization.  No PGP sig follows.

References:

Re: Light-weight certificate revocation lists ?

From: Carl Ellison <cme@cybercash.com>

Prev by Date: meanings of tag fields (was Re: Intersection of tag fields )
Next by Date: Re: single <auth> per cert (was Re: "auth" --> "tag" ?? )
Prev by thread: Re: Light-weight certificate revocation lists ?
Next by thread: Light-weight certificate revocation lists ?
Index(es):
- Main
- Thread