1995-10-02 - Re: Certificate proposal & X509 clarifications

Header Data

From: Carl Ellison <cme@TIS.COM>
To: baldwin@rsa.com
Message Hash: 8b8294b549d6241d2809294682def35caf750e570a57f8ff07a86817f51e59a8
Message ID: <9510022213.AA15923@tis.com>
Reply To: <9509028126.AA812663445@snail.rsa.com>
UTC Datetime: 1995-10-02 22:16:12 UTC
Raw Date: Mon, 2 Oct 95 15:16:12 PDT

Raw message

From: Carl Ellison <cme@TIS.COM>
Date: Mon, 2 Oct 95 15:16:12 PDT
To: baldwin@rsa.com
Subject: Re: Certificate proposal & X509 clarifications
In-Reply-To: <9509028126.AA812663445@snail.rsa.com>
Message-ID: <9510022213.AA15923@tis.com>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

>Date: Mon, 02 Oct 95 12:51:11 PST
>From: "baldwin" <baldwin@RSA.COM (Robert W. Baldwin)>


>	   The designers of version 1 of the X509 certificate format
>have realized that they need to allow issuers to attach all kinds
>of different attributes to a public key.  This lead to version 3
>of the X509 format, which provides for general extensions.

However, in true ASN.1 form, they called for these extensions to be tied to
object identifiers (defining the attribute being defined).  Therefore, you
have to get someone owning an OBJID tree branch to define meanings for you
- -- and you have to publish some worldwide book of mappings, etc.  To me,
this needs nothing more elaborate than text.  In fact, text is a fine
machine-independent coding.

[Thought experiment: imagine Postscript using ASN.1 coding rather than
ASCII.  How many Postscript printers would there be today?]

>	   Question: what's a good way to have the existing PGP public
>key infrastructure interoperate with the X509 infrastructure?

Answer: wait until X.509 dies under its own weight and let them ask how to
interoperate with PGP.

 - Carl

+--------------------------------------------------------------------------+
|Carl M. Ellison      cme@tis.com    http://www.clark.net/pub/cme	   |
|Trusted Information Systems, Inc.   http://www.tis.com/                   |
|3060 Washington Road          PGP 2.6.2:  61E2DE7FCB9D7984E9C8048BA63221A2|
|Glenwood MD  21738         Tel:(301)854-6889      FAX:(301)854-5363       |
+--------------------------------------------------------------------------+

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMHBj0VQXJENzYr45AQHVUAP/Xrb199NEwRoYydDGQK5l424k7neMRpp/
XZtU+7QO760v2YEPmf5EdWZ6S25wKLtaIVUhVr1MLyCRLyfRedXLdYzBqEVlHd2k
dGarIqkB/HOcmjYvZGxnYE+s2gLiTJ1FShgdWWGtC3qCMqlE3h4r5WuiGIotg/IL
WbzKq2oGzYA=
=qBPm
-----END PGP SIGNATURE-----





Thread