Heh, I was hoping not to have to reference that one. The RFCs are meant to specify everything needed to interpret the specs.
On Wed, Jun 5, 2013 at 5:21 AM, Rob Stradling <[email protected]>wrote: > On 04/06/13 22:51, Phillip Hallam-Baker wrote: > >> On Tue, Jun 4, 2013 at 5:39 PM, Adam Langley <[email protected] >> <mailto:[email protected]>> wrote: >> > <snip> > > Not to mention, does anyone have any idea what an aACompromise could >> mean? >> >> >> Its an attribute authority. For attribute certs. >> >> Well actually that is only a supposition because none of the terms seem >> to be defined. >> > > X.509 (11/2008) defines the reason codes as follows... > > "8.5.2.2 Reason code extension > ... > The following reason code values indicate why a certificate was revoked: > - 'unspecified' can be used to revoke certificates for reasons other > than the specific codes; > - 'keyCompromise' is used in revoking an end-entity certificate; it > indicates that it is known or suspected that the subject's private key, or > other aspects of the subject validated in the certificate, have been > compromised; > - 'cACompromise' is used in revoking a CA-certificate; it indicates that > it is known or suspected that the subject's private key, or other aspects > of the subject validated in the certificate, have been compromised; > - 'affiliationChanged' indicates that the subject's name or other > information in the certificate has been modified but there is no cause to > suspect that the private key has been compromised; > - 'superseded' indicates that the certificate has been superseded but > there is no cause to suspect that the private key has been compromised; > - 'cessationOfOperation' indicates that the certificate is no longer > needed for the purpose for which it was issued but there is no cause to > suspect that the private key has been compromised; > - 'privilegeWithdrawn' indicates that a certificate (public-key or > attribute certificate) was revoked because a privilege contained within > that certificate has been withdrawn; > - 'aACompromise' indicates that it is known or suspected that aspects of > the AA validated in the attribute certificate, have been compromised." > > -- > Rob Stradling > Senior Research & Development Scientist > COMODO - Creating Trust Online > > -- Website: http://hallambaker.com/
_______________________________________________ wpkops mailing list [email protected] https://www.ietf.org/mailman/listinfo/wpkops
