[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: [Fwd: Re: encoding an X.509 certificate]
The discussion on the IETF PKIX working group is starting to border on the ridiculous. I do hope that we can avoid these kinds of situations/discussions. More on this tomorrow. Arshad -------- Original Message -------- Subject: Re: encoding an X.509 certificate Date: Mon, 17 Nov 2008 12:03:59 -0800 From: Arshad Noor <arshad.noor@strongauth.com> Organization: StrongAuth, Inc. To: ietf-pkix@imc.org References: <OF6366D226.4B1510D8-ON852574FF.005D5170-85257500.00079556@us.ibm.com> <p06240514c5474e7c5e53@[130.129.30.0]> <b59232959040fd46001fc84228e0e7f5@doit.wisc.edu> <4921B1FD.5070800@cryptolog.com> I trust you are being facetious, Julien. If not, why bother with standards efforts at all? Lets all just cede the market to the biggest players in the industry - no matter how ridiculous their implementations may be - and call it a day. Arshad Noor StrongAuth, Inc. Julien Stern wrote: > > I think it really boils down to how big and powerful the company > implementing the validation is. If a BER encoded certificate (or a > certificate with a negative serial) is rejected by your implementation > AND if you can explain to your customers that YOU are doing the right > thing, then you are fine, otherwise, you'll have to patch your > implementation to accept the buggy certificates produced by a more > powerful entity than yours :) >
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]