[127459] in cryptography@c2.net mail archive
Re: ITU-T recommendations for X.509v3 certificates
daemon@ATHENA.MIT.EDU (Peter Gutmann)
Sat Jul 5 13:23:33 2008
From: pgut001@cs.auckland.ac.nz (Peter Gutmann)
To: fw@deneb.enyo.de, pgut001@cs.auckland.ac.nz
Cc: cryptography@metzdowd.com
In-Reply-To: <87iqvlfcid.fsf@mid.deneb.enyo.de>
Date: Sun, 06 Jul 2008 00:37:49 +1200
Florian Weimer <fw@deneb.enyo.de> writes:
>* Peter Gutmann:
>>>Or is it unreasonable to expect that the specs match what is actually needed
>>>for interoperability with existing implementations (mostly in the TLS, S/MIME
>>>area)?
>>
>> There is very little correspondence between PKI specs and reality.
>
>I should have written that my main goal was to extract the public key
>material, and perhaps the validity period. I want to use the
>certificates as interoperable public key containers,
That's the best way to use them. For one thing it doesn't create any mistaken
impression that setting a particular extension will have any useful effect
when the software at the other end sees it :-).
Peter.
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
