[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Certificate Cancellation Notices (CCN)

Carl --

I like your philosophy about replicated databases, and moving some of the
stuff Butler and I have been talking about in SDSI 1.0 into the area of
just managing replicated databases.  

But what happens when the server (who is replicating the database of
certificates for his principal) receives a request that is justified
by a properly signed certificate that is not in his database?

Is the request honored?  Or is it denied on the basis that the certificate
is "not valid because it is not in my database"?  If it is denied, what
is the requestor told?

I think the protocol for making a request, supplying a certificate chain
to justify the request, and getting a response should be part of what
we're talking about here...

Ron Rivest