
draft-ietf-pkix-scvp-18.txt comments



Sorry for the late comments and if others have already made them.

1. Should ValidationPolicy's extendedKeyUsages include "SIZE (1..MAX)" -- 
section 3.2.4?

2. Why is the type ValidationAlg defined (section 3.2.4.2)? Why not use 
AlgorithmIdentifier?

3. CVRequest's requestorName is of type GeneralName [singular] (section 
3), yet CVResponse's requestorName is of type GeneralNames [plural] 
(section 4). Is this intentional or a mistake?

4. In section 4.9.4, the status values 2 (Revocation Offline) and 3 
(Revocation Unavailable) imply that a path was built and validated, but 
the document does not explicitly state this. Should the document 
explicitly state this?

5. observation: The order of certificates in a CertBundle is least 
significant first (section 4.9.5), whereas Web Services Security's 
wsse:PKIPath is the opposite (most significant first) -- see 
WS-Security-Addendum200208.pdf. Too bad they are different.

6. typo: The first sentence of section 4.12 should say "the 
cvResponseExtensions item", not "the CVResponseExtensions item".

7. In section 6, should the following ValPolResponse items include "SIZE 
(1..MAX)":

validationPolices
validationAlgs
authPolicies
serverPublicKeys

Frank