[cgl_discussion] about the requirement for PKI CA Support
forrest.zhao at intel.com
Wed Jun 18 19:58:42 PDT 2003
I'm a bit confused with one of CGL 2.0 requirement: ID 7.3.4 Name PKI CA
The requirement says: "Certificate Management/Request protocols are not
a requirement; CRL Support (Certification Revocation List) is required"
We know that CRL support is one component of Certificate Management
protocols (RFC 2510), how should we understand this contradiction? Does
this "CRL support" mean that CGL 2.0 only support the publication of
CRL, not support the creation of CRL?
If we only support the publication of certificate and CRL in PKI CA, I
don't think this PKI CA have much use. So I'd like to ask a question:
what indeed do we want a PKI CA to do in CGL 2.0? Just for the
publication of certificate and CRL?
Thank you for your comments!
**These views are not necessarily those of my employer.**
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cgl_discussion