Changes between Version 5 and Version 6 of GeniApiCertificates
- Timestamp:
- 04/19/12 12:02:01 (12 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GeniApiCertificates
v5 v6 91 91 92 92 === Validation === 93 To be valid, certificates must 93 To be valid, certificates must: 94 94 - Follow the format rules above 95 95 - Expire later than the current time … … 101 101 - Essentially, The authority name of the signer must be a prefix of the subject name. EG: `a\.b` is an authority for, `a\.b.c.d`, but `a` is not an authority for, `a\.b.c.d` (the subject's name starts with `a.b`, where we've escaped the `.`). Also any authority name is an authority for itself. 102 102 103 For sample python code to validate GENI certificates, see http://git.planet-lab.org/?p=sfa.git;a=tree;f=sfa/trust;hb=HEAD, or the [http://trac.gpolab.bbn.com/gcf/ GCF package], under `gcf/src/sfa/trust`. 104 103 105 === Hierarchy === 104 106