Re: [TLS] Verifying X.509 Certificate Chains out of order

To: tls at ietf.org
Subject: Re: [TLS] Verifying X.509 Certificate Chains out of order
From: Axel.Heider at gi-de.com
Date: Tue, 7 Oct 2008 12:25:03 +0200
Delivered-to: ietfarch-tls-web-archive at core3.amsl.com
Delivered-to: tls at core3.amsl.com
In-reply-to: <E1Kmme1-0007As-9b at wintermute01.cs.auckland.ac.nz>
List-help: <mailto:tls-request@ietf.org?subject=help>
List-id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-post: <mailto:tls@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
Sender: tls-bounces at ietf.org

> I'd say modify it, in fact I'm not sure what the rationale for requiring 

> ordering was in the original spec, "it's tidier that way" doesn't strike 
me as 
> a good argument :-).

Consider TLS on low-end or embeddede devices with limited ressources. 
Walking through the chain becomes difficult or even impossible if 
there is no order. 

regards, 
Axel Heider
_______________________________________________
TLS mailing list
TLS at ietf.org
https://www.ietf.org/mailman/listinfo/tls

References:
- Re: [TLS] Verifying X.509 Certificate Chains out of order
  - From: Peter Gutmann

Prev by Date: Re: [TLS] Verifying X.509 Certificate Chains out of order
Next by Date: Re: [TLS] Verifying X.509 Certificate Chains out of order
Previous by thread: Re: [TLS] Verifying X.509 Certificate Chains out of order
Next by thread: Re: [TLS] Verifying X.509 Certificate Chains out of order
Index(es):
- Date
- Thread

Re: [TLS] Verifying X.509 Certificate Chains out of order

Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.