Re: Last Call: draft-ietf-pkix-new-part1-06.txt comments

["David P. Kemp" <dpkemp@xxxxxxxxxxxxxx>]

Steve,

I have no preference whether in the phrase "CertificateList (e.g., CRL)"
the "e.g.," stays or goes.  Note that some people use CRL to refer
to every instance of a CertificateList, whereas others use CRL, ARL,
ACRL, ICRL, DCRL, etc. to distinguish lists used for different
purposes.  Thus CRL may be either an example of, or a synonym for,
CertificateList.

I agree that the state of the cRLSign bit is not relevant to OCSP
responses and that CertificateList is the only data structure
which requires this bit.

Dave K
 

Stephen Kent wrote:
> 
> Also, in responde to other messages I've just been reading, I want to
> pont out that OCSP responses are not CRLs, so the value of the
> cRLSign bit should not be an issue for an OCSP responder. This
> suggests that the Lation abbreviation "e.g.," is inappropriately used
> when referring to revocation status info verified using a cert with
> the cRLSign bit enabled. CRLs are the only data structures the
> validation of which is relevant to this bit.  They are not an example.
> 
> Steve