[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: X.509 profile & SCVP
Hi colleagues, there is the client request to support the validation of X.509 certificates by DSS-X. Technically this isn't a big deal as the core interface will remain unchanged (treating the certificate as an enveloped signature). The implementor's side should be an easy job, too. As certificate validation is a major part of the signature validation. I drafted a profile (see attached) just by using the existing elements of the core. Comments welcome! This result has a big overlap with the SCVP (Serverside Certificate Validation Protocol, RFC 5055) and I don't like to reinvent existing wheels. But with DSS-X's multi-syntax binding the X.509 profile does offer real added value compared to ASN.1-only SCVP. So I thought about addressing the SCVP authors and ask for their view and hopefully some contribution. Would this make sense? Greetings, Andreas -- Andreas KÃhne phone: +49 177 293 24 97 mailto: kuehne@trustable.de Trustable Ltd. Niederlassung Deutschland Gartenheimstr. 39C - 30659 Hannover Amtsgericht Hannover HRB 212612 Director Andreas KÃhne Company UK Company No: 5218868 Registered in England and Wales
Attachment:
oasis-dssx-2.0-profiles-x.509.docx
Description: Binary data
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]