Re: Re- Hierarchies and Webs of

• To: Rich Salz <rsalz@osf.org>
• Subject: Re: Re- Hierarchies and Webs of
• From: John Linn <linn@cam.ov.com>
• Date: Wed, 26 Apr 1995 08:19:30 -0400
• cc: owner-www-security@ns2.rutgers.edu, www-security@ns2.rutgers.edu, linn@cam.ov.com
• In-reply-to: Your message of "Wed, 26 Apr 1995 00:07:06 EDT." <9504260407.AA21152@sulphur.osf.org>

Clarification:

>>The "hierarchical approach" you are referring to is that used by PEM, based on
>>X.509.  This builds on a lot of structure to constrain what you refer to as
>>"transitivity".
>
>Yes, classic PEM depended on Internet-wide X.500 deployment.  

Not quite.  Classic PEM's dependency is on X.500 name representations
in X.509 certificates; there is, however, no dependency on use of
an X.500 directory to store those certificates.  As with any
certificate-based approach, availability of a directory or other
queriable certificate repository is highly desirable, but it was
an important feature of the PEM design to enable "in-band" transfer
of certificate chains along with messages, thus allowing a
best-effort level of operation without a globally-accessible 
certificate repository.

--jl

• Re: Re- Hierarchies and Webs of
• From: Rich Salz <rsalz@osf.org>

• Previous: Re: Re- Hierarchies and Webs of
• Next: Re: Netscape Changes RSA tree
• Index(es):
  • Index
  • Thread