[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: yet another <auth> type

To: spki@c2.net, cme@cybercash.com
Subject: Re: yet another <auth> type
From: "Brian M. Thomas" <bt0008@entropy.sbc.com>
Date: Fri, 21 Feb 1997 07:07:51 -0600 (CST)

cme@cybercash.com:

> "The subject keyholder (K1) is the same person as the keyholder of (K2), on 
> <date>."
> 
> This allows someone to start a service by which someone can map old keys to 
> new ones.
> 
> Thoughts?
> 
>  - Carl

I agree; this would be in support of simple recertifications in cases of
lost keys - something that was brought up in our initial analysis of our
(SBC's) PKI.  It could also make recertification unnecessary in cases
where the issuer of this "key equivalence" cert was trusted in this role
by the verifier.

This seems to be a good generic kind of <auth> type, useful in a general
standard.


Brian Thomas - Distributed Systems Architect    bt0008@entropy.sbc.com
Southwestern Bell                               bthomas@primary.net
One Bell Center,  Room 34G3                     Tel: 314 235 3141
St. Louis, MO 63101                             Fax: 314 235 0162

Prev by Date: yet another <auth> type
Next by Date: Re: yet another <auth> type
Prev by thread: Re: yet another <auth> type
Next by thread: Re: yet another <auth> type
Index(es):
- Main
- Thread