From: "Zahid Ahmed" <zahmed@veosystems.com>
To: <java-security@java.sun.com>
Subject: Fw: X.509 Attribute Certificate
Date: Fri, 12 Mar 1999 06:50:12 -0800
This is a multi-part message in MIME format.
------=_NextPart_000_1150_01BE6C54.93C81A90
Content-Type: multipart/alternative;
boundary="----=_NextPart_001_1151_01BE6C54.93C81A90"
------=_NextPart_001_1151_01BE6C54.93C81A90
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Is there currently any support to generate X.509 Attribute Certificates =
using
currently available JCE Package?=20
=20
1. If not, how can we extend and/or generate such a certificate using=20
JCE? The thing is that an attribute certificate does not have a public=20
key associated with it. Hence, it can not, e.g., extend =
java.security.cert.Certificate.=20
(Or, if does, we are really associating a public key with a
group or organization which is not compatible, I believe,
with PKIX X.509 end-entity identity X.509 certs).
How can one create a X.509 Attribute Certificate? Also, are there=20
plans to do this in JCE?
=20
2. Also, I want to be able to include an attribute certificate in a=20
X.509Certiifcate which is an exetnsion of =
java.security.cert.certificate.=20
How can we add such an extension to X.509Certificate class?
Since this problem borders some evolving standards, please provide some
recommendation of how this can be done for allowing groups and roles
to be associated with an end-entity certificates.
=20
thanks & regards.=20
Zahid Ahmed Commerce One, Inc.
Commerce Security Architect
email: zahmed@veosystems.com
v: (650)-623-2814
fax: (650)-938-8055=20
------=_NextPart_001_1151_01BE6C54.93C81A90
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD W3 HTML//EN">