[cgl_discussion] about the requirement for PKI CA Support

Zhao, Forrest forrest.zhao at intel.com
Wed Jun 18 20:58:15 PDT 2003


I'm a bit confused with one of CGL 2.0 requirement: ID 7.3.4 Name PKI CA
Support

 

1

The requirement says: "Certificate Management/Request protocols are not
a

requirement; CRL Support (Certification Revocation List) is required"

 

We know that CRL support is one component of Certificate Management
protocols

(RFC 2510), how should we understand this contradiction? Does this "CRL

support" mean that CGL 2.0 only support the publication of CRL, not
support the creation of CRL?

 

2

If we only support the publication of certificate and CRL in PKI CA, I
don't

think this PKI CA have much use. So I'd like to ask a question: what
indeed do we want a PKI CA to do in CGL 2.0? Just for the publication of
certificate and CRL?

 

Thank you for your comments!

Forrest

 

 

 

 

 

**These views are not necessarily those of my employer.** 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.linux-foundation.org/pipermail/cgl_discussion/attachments/20030619/a473bf60/attachment-0001.htm


More information about the cgl_discussion mailing list