trust field for CMS
Bernhard Reiter
bernhard at intevation.de
Fri Dec 12 08:49:06 CET 2008
Am Freitag, 5. Dezember 2008 10:42:10 schrieb Werner Koch:
> On Thu, 21 Aug 2008 16:20, bernhard at intevation.de said:
> > What about using 'm' in CMS (X.509) to indicate that
> > --disable-crl-checks OR --disable-policy-checks is active?
>
> I do not think tha this is a good idea. For OpenPGP we have no way to
> to check whether gpg has recently checked for a revocation certificate
> and thus the behaviour would be different between OpenPGP and X.509: In
> OpenPGP the 'm' describes a "marginally valid certificate" whereas in
> X.509 it descrives, a "fully valid certificate", just not checked for
> revocations.
Yes, I agree that it is different.
I was wondering how this status could be communicated
and what "marginally valid certificate" translated to in client action.
So I saw the coindicence.
--
Managing Director - Owner: www.intevation.net (Free Software Company)
Germany Coordinator: fsfeurope.org. Coordinator: www.Kolab-Konsortium.com.
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: This is a digitally signed message part.
URL: </pipermail/attachments/20081212/a78adc2d/attachment.pgp>
More information about the Gnupg-devel
mailing list