[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Certificate Cancellation Notices (CCN)

At 06:48 AM 4/5/97 EST, Ron Rivest wrote:
>But what happens when the server (who is replicating the database of
>certificates for his principal) receives a request that is justified
>by a properly signed certificate that is not in his database?

To me, you might be using the word "server" two different ways here.
When I spoke of servers, I was thinking of SDSI certificate servers.
Those are the ones maintaining a replicated DB with some user (who isn't
always online).  It seems that you're speaking here of a verifier when you
use the word "server".  It is verifiers who receive requests that must be
backed up by certificates.  [I'm intentionally avoiding the obvious issue
of a certificate server whose interface to its user is a cryptographically
protected set of commands.  In that case, I expect the server to act as a
verifier and the protocol to use certificates without online tests or ones 
whose online tests are provided by some other certificate server (e.g., the 
user's own machine, which could be online at the time of the dialog with the 

>Is the request honored?  Or is it denied on the basis that the certificate
>is "not valid because it is not in my database"?  If it is denied, what
>is the requestor told?

I think if we separate server from verifier, the question has a clear answer.

>I think the protocol for making a request, supplying a certificate chain
>to justify the request, and getting a response should be part of what
>we're talking about here...

Agreed -- only I think the online servers deserve their own RFC.

|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |