
key validity



The first ID draft proposes that the subject include not only the key but 
also a reference to a self-signed cert or on-line service the job of which 
is to show that the subject key is still valid.  A simple self-signed cert 
doesn't do any good.  If a key is stolen, the thief can self-sign validity 
certs.

The indirection mechanisms David and I discussed today can cover key 
invalidity.  They don't require any additional field alongside the Subject.  
Could it be that we can eliminate the Subject-info: field?

Comments?

 - Carl


+------------------------------------------------------------------+
|Carl M. Ellison  cme@cybercash.com   http://www.clark.net/pub/cme |
|CyberCash, Inc.                      http://www.cybercash.com/    |
|207 Grindall Street   PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103  T:(410) 727-4288  F:(410)727-4293        |
+------------------------------------------------------------------+