[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Multi-Tag-Cert Tag Creation and Validation
ERRATUM: I wrote:
> 1.2 Every tag in a certificate you issue has a tag-id constructed
> of the form <some-cert-id>-<small-index> detailed below.
> HINT: For a single-tag cert, the tag-id is simply the cert-id
> of the cert which grants your key-as-issuer authority.
The HINT should have read:
For a single-tag cert, the tag-id is essentially the cert-id
of the "eldest" ancestor cert from which you derive the
authority to bind that tag, possibly your own auto-cert-id.
As the remainder of the post indicates, this would usually be a simple copy
from the immediate parent cert.