[cabfpub] [CABFORUM] Re: Intermediate certificate names
Eddy Nigg
eddy_nigg at startcom.org
Tue Mar 10 17:07:46 UTC 2015
On 03/10/2015 06:59 PM, Peter Bowen wrote:
> How do you define "the real CA"?
When speaking about intermediate CAs I believe there are two external
types. Those that are fully controlled by the CA holding the private key
and those that are managed and controlled by the parent CA not holding
the private key.
However in both scenarios the intermediate CA is designed to be used for
an by a particular entity for whatever purpose the parent CA agreed to.
The difference is the way each type is audited and disclosed (Mozilla).
The third type is the intermediate CA that is controlled and used by the
parent CA internally and directly.
--
Regards
Signer: Eddy Nigg, COO/CTO
StartCom Ltd. <http://www.startcom.org>
XMPP: startcom at startcom.org <xmpp:startcom at startcom.org>
Blog: Join the Revolution! <http://blog.startcom.org>
Twitter: Follow Me <http://twitter.com/eddy_nigg>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150310/b2a45a73/attachment-0002.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4313 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.cabforum.org/pipermail/public/attachments/20150310/b2a45a73/attachment.p7s>
More information about the Public
mailing list