Thanks a lot Jeff, The book is really very useful. On Sun, Feb 24, 2013 at 12:36 AM, Jeffrey Walton <noloa...@gmail.com> wrote:
> On Fri, Feb 15, 2013 at 9:25 AM, Ashok C <ash....@gmail.com> wrote: > > On Thu, Feb 14, 2013 at 5:31 PM, Jeffrey Walton <noloa...@gmail.com> > wrote: > >> On Thu, Feb 14, 2013 at 5:58 AM, Ashok C <ash....@gmail.com> wrote: > >> > > >> > As part of implementing certificate expiry related alarms for my SSL > >> > application, I would kindly require few suggestions and clarifications > >> > from the community. > >> ... > >> > >> There are two hidden issues: (1) what precisely is warranted, and (2) > >> what liability is in play. Good luck in pinning a CA on liability (100 > >> page plus CPSs). > > > > Not clear what you exactly meant here. Could you please put it in more > > simpler terms? Thanks. > >> > Read the chapter on PKI from Peter Gutmann's Security Engineering (pp. > 595-650, www.cs.auckland.ac.nz/~pgut001/pubs/book.pdf). > > It's not dry reading. Its interesting from a technical POV (what's the > problem, how is it being solved); from a historical POV (committee > disagreements, past failures, etc); and it's somewhat humorous at > times (Gutmann has a witty sense of humor). > > Jeff >
