
Re: draft liaison response re DR 320




At 10:09 AM +0100 12/13/07, Denis Pinkas wrote:
...
I propose to delete the following sentence, since we do not agree with all the observations made in DR 320.

Thus we agree with the observations made in DR 320.

I have already changed the text to reflect the fact that we agreed with the two points from DR 320 that were cited in the liaison message, not with all of DR 320. This was triggered by David Kemp's message of 12/10 re the draft meeting minutes, and is illustrated in my response to his message, posted on 12/11.


It is a fact that Certification Authorities (CAs) are being deployed with names chosen locally, without acquiring a DN from a naming authority.


This sentence is very important and its consequences should be mentioned. I propose to add the following text:

"As a consequence, nothing may prevent two unrelated CAs to choose the same DN for two different entities (e.g. end-entities, CAs, CRL Issuers, OCSP responders). By implication, a CA DN and a serial number taken alone do not necessarily identify a single entity".

I don't think we need to provide this explanation of the implications.

Steve