[2061] in WWW Security List Archive


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Q: How to validate a cert. chain

daemon@ATHENA.MIT.EDU (Ravi Shankar)
Sat May 11 05:38:49 1996

From: Ravi Shankar <ravi.shankar@citicorp.com>
To: www-security@ns2.rutgers.edu
Date: Sat, 11 May 96 13:13:44 IST
Errors-To: owner-www-security@ns2.rutgers.edu

Hi all

How does an application (browser, web server, etc.) validate the
public key of a communicating agent when no certificate chain of
CAs is provided along with the certificate?

Most online FAQs and things talk about 'Public Key directories', but is
there an established protocol which an application can use to
recursively contact CAs in a hierarchy?

I have gone through the SSLeay code, and it seems to expect the CA
to "reside" on the local machine. How do applications currently handle
this?

Tks
Ravi


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2061] in WWW Security List Archive

Q: How to validate a cert. chain

daemon@ATHENA.MIT.EDU (Ravi Shankar)Sat May 11 05:38:49 1996

daemon@ATHENA.MIT.EDU (Ravi Shankar)
Sat May 11 05:38:49 1996