IETF Logo Mail Archive

Re: [pkix] Proposed resolution to non-issued certificates - 2560bis

Stefan Santesson <stefan@aaa-sec.com> Wed, 31 October 2012 22:35 UTC

Return-Path: <stefan@aaa-sec.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1305721F8869 for <pkix@ietfa.amsl.com>; Wed, 31 Oct 2012 15:35:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.008
X-Spam-Level:
X-Spam-Status: No, score=-101.008 tagged_above=-999 required=5 tests=[AWL=-0.156, BAYES_00=-2.599, HELO_EQ_SE=0.35, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=1.396, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KzaVuUf13r6b for <pkix@ietfa.amsl.com>; Wed, 31 Oct 2012 15:35:04 -0700 (PDT)
Received: from s87.loopia.se (s87.loopia.se [194.9.95.113]) by ietfa.amsl.com (Postfix) with ESMTP id 6F51521F887D for <pkix@ietf.org>; Wed, 31 Oct 2012 15:35:03 -0700 (PDT)
Received: from s87.loopia.se (localhost [127.0.0.1]) by s87.loopia.se (Postfix) with ESMTP id 208D32F487 for <pkix@ietf.org>; Wed, 31 Oct 2012 23:35:03 +0100 (CET)
X-Virus-Scanned: amavisd-new at outgoing-smtp.loopia.se
Received: from s87.loopia.se ([127.0.0.1]) by s87.loopia.se (s87.loopia.se [127.0.0.1]) (amavisd-new, port 10024) with LMTP id ECm2hgCBWE4T for <pkix@ietf.org>; Wed, 31 Oct 2012 23:35:02 +0100 (CET)
Received: from s376.loopia.se (s34.loopia.se [194.9.94.70]) by s87.loopia.se (Postfix) with ESMTP id DC3E22F485 for <pkix@ietf.org>; Wed, 31 Oct 2012 23:35:02 +0100 (CET)
Received: (qmail 3194 invoked from network); 31 Oct 2012 22:35:02 -0000
Received: from 81-232-51-61-no39.business.telia.com (HELO [192.168.0.113]) (stefan@fiddler.nu@[81.232.51.61]) (envelope-sender <stefan@aaa-sec.com>) by s376.loopia.se (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for <david.cooper@nist.gov>; 31 Oct 2012 22:35:02 -0000
User-Agent: Microsoft-MacOutlook/14.2.4.120824
Date: Wed, 31 Oct 2012 23:35:22 +0100
From: Stefan Santesson <stefan@aaa-sec.com>
To: "David A. Cooper" <david.cooper@nist.gov>
Message-ID: <CCB765DE.528BD%stefan@aaa-sec.com>
Thread-Topic: [pkix] Proposed resolution to non-issued certificates - 2560bis
In-Reply-To: <5091A4C5.9090609@nist.gov>
Mime-version: 1.0
Content-type: multipart/alternative; boundary="B_3434571325_33259756"
Cc: IETF PKIX <pkix@ietf.org>
Subject: Re: [pkix] Proposed resolution to non-issued certificates - 2560bis
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Oct 2012 22:35:05 -0000

> Does your message below mean that you now intend to extend the meaning of
> "revoked" even further to include certificates that were issued by CA and that
> were never revoked, but that are now expired?

No

You got me wrong.

Not issued = never issued.

/Stefan

v2.23.0 | Report a Bug | By Email