|
There are some issues I think with the language in
the opening of the rev 15 draft. One instance that should be addressed is the
issue of the incompatible use of "may" and "is" in the abstract and opening
sections.
<!--StartFragment-->A TSA may be
operated as a Trusted
Third Party (TTP) service, though other operational models may be appropriate, e.g. an organization might require a TSA for internal time stamping purposes. In the above clip the abstract specifically
states the operation may be a TTP but in all other sections of the document the
architecture is assumed to be a TTP model.
<!--StartFragment-->...a Time Stamp Authority (TSA) may need to be
used. This Trusted Third
Party... I was thinking about using a TSA as
distributed timestamp engines, and in a corporate-use-model I might want more
than one. Say a corporation might have 4 or 6 or more TSA's internal to
its Intranet, and in using them I might want to be able to advertise to the
clients and from the client side, as well as be able to broadcast a query
for a TSA.
The other thing is that to complete this, there
really needs to be some way of communicating/qualifying the policy from the
client's side so that the client can select whether this is the TSA they want to
do business with.
Just my two cents.
This way I can ask for TSA's, review their
policies, and transact a TS instance with the one I select.
Todd Glassey
|