[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Types of object for trust anchors




Paul:

At 8:26 PM -0400 6/11/07, Michael Richardson wrote:
    Paul> and some would want them as PGP certificates. It makes sense
    Paul> to allow one set of trust anchors being delivered to contain
    Paul> multiple types and let the receiver sort out which types it
    Paul> can use.

  That seems more complicated (in code space) than just making everyone
use BER CMS to me...

BER CMS of *what*? A bare public key? A cert of a particular format? What I'm thinking is a requirement for flexibility is not the housing, but the contents.

I suspect this is a reference to a PKCS#7 that contains only as single certificate. This is the format that is used by many CAs in response to a PKCS#10 certificate request.

Russ