[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
key validity
The first ID draft proposes that the subject include not only the key but
also a reference to a self-signed cert or on-line service the job of which
is to show that the subject key is still valid. A simple self-signed cert
doesn't do any good. If a key is stolen, the thief can self-sign validity
certs.
The indirection mechanisms David and I discussed today can cover key
invalidity. They don't require any additional field alongside the Subject.
Could it be that we can eliminate the Subject-info: field?
Comments?
- Carl
+------------------------------------------------------------------+
|Carl M. Ellison cme@cybercash.com http://www.clark.net/pub/cme |
|CyberCash, Inc. http://www.cybercash.com/ |
|207 Grindall Street PGP 2.6.2: 61E2DE7FCB9D7984E9C8048BA63221A2 |
|Baltimore MD 21230-4103 T:(410) 727-4288 F:(410)727-4293 |
+------------------------------------------------------------------+