Hi Steve, Thanks for reviewing my concerns.
Appears I must have skipped a paragraph in reading. Thanks Terry On 5/11/09 7:03 AM, "Stephen Kent" <[email protected]> wrote: > Terry, > > IN a message on 10/28 you said: > >> * Section 4.6.1-3 I'd like it made clear that renewal be only to the same >> subscriber. eg the subscriber before and after renewal is the same. At >> present it says that only the valid subscriber may request renewal, but >> allows a new private key. I think there is too much wriggle room in that for >> a subscriber to renew with someone else's private key. > > > I reviewed the CP text and I think this is clear. > > Specifically 4.6.2 says: "Only the certificate holder or the issuing > CA may initiate the renewal process." > > And 4.6.3 says: "Renewal procedures must ensure that the person or > organization > seeking to renew a certificate is in fact the subscriber (or > authorized by the subscriber) of the certificate and the legitimate > holder of the INR associated with the renewed certificate." > > I think these two text sections already address the issue you raised. > > Steve _______________________________________________ sidr mailing list [email protected] https://www.ietf.org/mailman/listinfo/sidr
