> Unlike Steve Farrell, I have no major objection to the inclusion of a
> policy OID.
Good.
> However, I do have a major objection to the use of policy
> qualifiers. When we were developing RFC 2459, I fought to exclude them
> from the certificate policy. I wish I had fought harder. I think that
> they really hurt interoperability and add significant implementation
> complexity. I do not want to see that repeated here.
Do you really think this is the case for the CPS Pointer and User Notice
qualifiers?
"The CPS Pointer qualifier contains a pointer to a Certification
Practice Statement (CPS) published by the CA."
"User notice is intended for display to a relying party when a
certificate is used."
RFC 3280 states: "Optional qualifiers, which MAY be present, are not
expected to change the definition of the policy."
I do not understand why these two qualifiers "really hurt
interoperability" and for that reason should be banned. Would you explain?