Re: DPD & DPV Basics

[Paul Hoffman / IMC <phoffman@xxxxxxx>]

At 9:00 PM -0500 1/16/01, Stephen Kent wrote:
> > It sounds like we need to decide whether non-PKI aware,
> > non-ASN.1-capable clients need to be supported. If so, we should
> > probably define a set of requirements for such clients and include this
> > item in that list. I would suggest that such clients are an important
> > group and should be supported.
>
> I put this question to the list in my strawman spec over 2 weeks 
> ago, and have not yet gotten a concrete proposal on how to 
> accommodate such clients.  I will soon decide that we will NOT 
> support them for now, unless I see such a proposal.

I think that many vendors would like these clients to be able to 
exist, but have bitten the bullet and done the ASN.1 to at least 
parse the cert. Given the strong arguments we had when I first 
proposed SCVP for non-ASN.1 clients, and the fact that none of the 
vendors wanted to say in public that this is what they needed, I 
think it is OK to limit the scope of the discussion to a client that 
can parse a cert and knows what pieces it needs to implement its 
security policy.

--Paul Hoffman, Director
--Internet Mail Consortium