Re: gnome-keyring trust assertions

From: Stef Walter <stefw collabora co uk>
To: Yaron Sheffer <yaronf gmx com>
Cc: gnome-keyring-list gnome org
Subject: Re: gnome-keyring trust assertions
Date: Wed, 15 Dec 2010 08:36:29 -0600

On 2010-12-15 01:17, Yaron Sheffer wrote:
> So the question is, can you have multiple CA certs in a chain have
> anchored assertions associated with them. And then:
> - Do you only use the "top" assertion?
> - Only the "bottom" (most specific) assertion?
> - An additive combination of all assertions along the path?

The 'bottom' assertion, the one closest to the end-entity is the one
that's used. If you anchor trust (for a given purpose) in an
intermediate CA then there's no point in going any further.

Cheers,

Stef

References:
- Re: gnome-keyring trust assertions
  - From: Yaron Sheffer
- Re: gnome-keyring trust assertions
  - From: Stef Walter
- Re: gnome-keyring trust assertions
  - From: Yaron Sheffer
- Re: gnome-keyring trust assertions
  - From: Stef Walter
- Re: gnome-keyring trust assertions
  - From: Yaron Sheffer
- Re: gnome-keyring trust assertions
  - From: Stef Walter
- Re: gnome-keyring trust assertions
  - From: Yaron Sheffer

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]