 |
 |
 |
 |
|
 |
|
 |
|
 |
|
 |
|
|
|
|
|
|
|
|
|
|
|
|
On Jul 23, 2008, at 5:27 AM, <Pasi.Eronen at nokia.com> <Pasi.Eronen at nokia.com > wrote:
Most IETF protocols that send certificates around support sending certificate chains, too. Should syslog-sign support this, too? If not, why?
The model is for a more direct trust system where the certificate transfered is its own trust anchor. So if I am going to send you a log stream that I'll be signing with a certificate, I just send you the cert that I'm signing with. There's no need for a chain. Perhaps that cert descends from a formal CA and that may contain its own goodness, but it is not necessary.
Jon _______________________________________________ Syslog mailing list Syslog at ietf.org https://www.ietf.org/mailman/listinfo/syslog