Re: I-D ACTION:draft-ietf-pkix-dpv-dpd-req-01.txt

[Denis Pinkas <Denis.Pinkas@xxxxxxxx>]

Petra,

See my response to Russ on this topic. We are not going to make any
requirement for Attribute Certificates at this time or "when the document is
stable".

Denis

> Denis,
> 
> in Germany there are implementations of attribute certificates.
> But they are not relevant for us now. Nevertheless I would like
> to see that the protocol design allows us to use it for attribute
> certificates as well when they might become a requirement.
> 
> In the requirement document you already talk about "any kind of
> certificate". My proposal is: just add the different types in brackets.
> 
> > 3. Rational and benefits for DPV (Delegated Path Validation)
> >
> > DPV allows to perform a real time validation for a time T for any kind
> > of certificate and any kind of security service.
> >
> 
> The DPV/DPD draft only allows for X.509 public key certificates.
> I guess you will update this when the requirement document is stable,
> don't you?
> 
> - Petra
> 
> Denis Pinkas schrieb:
> 
> > Russ,
> >
> > > Petra and Denis:
> > >
> > > The structure of SCVP makes it very easy to add support of attribute
> > > certificates (or PGP certificates for that matter) at a later date.
> >
> > We are not talking of solutions at this time, but only of requirements.
> > So the question is whether we add in the requirements document some text
> >
> > to cover attribute certificates. If we do, which text ?
> >
> > We have not say, at this time, whether SCVP or some flavor of it, will
> > be
> > the protocol that answers to these requirements.
> >
> > Denis
> >
> > > We need to make sure that there is a constituency for the protocols
> > > we develop for the standards track.
> > >
> > > Russ