It seem like we have a discussion among three Davids. I like David C's definition. If I hear no objection, that is what we continue with. Erik Andersen Andersen's L-Service Elsevej 48, DK-3500 Vaerloese Denmark Mobile: +45 2097 1490 e-amail: era@xxxxxxx Skype: andersen-erik http://www.x500.eu/ http://www.x500standard.com/ http://dk.linkedin.com/in/andersenerik -----Oprindelig meddelelse----- Fra: x500standard-bounce@xxxxxxxxxxxxx [mailto:x500standard-bounce@xxxxxxxxxxxxx] På vegne af David A. Cooper Sendt: 5. oktober 2011 17:57 Til: x500standard@xxxxxxxxxxxxx Emne: [Spam] [x500standard] Re: SV: [Spam] Re: SV: Re: Forward and Reverse Certification Path Erik, The emails that you forwarded seemed to be addressing the question of which direction is "forward" and which direction is "reverse" rather than whether the first certificate in a certification path is the certificate issued by the trust anchor or the target certificate. However, Section 1.3 of RFC 4158, which Carl Wallace referenced, defines "certification path" as follows: Certification Path: An ordered list of certificates starting with a certificate signed by a trust anchor and ending with the target certificate. RFC 4158 defines "Building in the Forward direction" as building from the target certificate to a trust anchor, but it still defines the certification path as starting with the certificate issued by the trust anchor. Dave On 10/05/2011 11:40 AM, Erik Andersen wrote: > > David, David and others, > > Personally, I do not care too much, whether we define a certification > path going one direction or the other. However, defining as going from > top to bottom may ease some descriptions. We may even not need to > define forward and reverse direction, as validation is from top to > bottom. In any case, I do want a clear and unambiguous definition. > > Attached you may see a couple of messages leading to the current > definition. > ----- www.x500standard.com: The central source for information on the X.500 Directory Standard. ----- www.x500standard.com: The central source for information on the X.500 Directory Standard.