Q: How to validate a cert. chain



Hi all

How does an application (browser, web server, etc.) validate the
public key of a communicating agent when no certificate chain of
CAs is provided along with the certificate?

Most online FAQs and things talk about 'Public Key directories', but is
there an established protocol which an application can use to
recursively contact CAs in a hierarchy?

I have gone through the SSLeay code, and it seems to expect the CA
to "reside" on the local machine. How do applications currently handle
this?

Tks
Ravi