RE: SCVP 16 comments deadline

[Peter Sylvester <Peter.Sylvester@xxxxxxxxxx>]

> [TF] 
> Reputedly copying the same section from 3379 has the same effect. I
> believe the current draft of SCVP complies with the text. The name must
> be in the certificate. I don't see value in repeating the value twice in
> the request.

And I don't "believe" this.in fact,I don't have to believe anything here,
since I know why I had asked for the text in 3379.

If one gets married, I don't necessarily want to change the identity 
indicated in a drivers licence just because of this. I want to be able 
to pretend to have a certain identity, i.e. a statement to be made for
it, and then, in whatever way, provide the means to authenticate this
identity, and not the other way around, to derive a potentially unwanted
identity.

If a certificate would be sufficient, then I don't see what can be
the meaning of the sentence  

"Mechanisms for matching this identifier with the
   authenticated identity depends on local DPV server conditions and/or
   the validation policy."

a sentence which is grammatically incorrect, but anyway: There are
clearly TWO identifiers, one is the authenticated identity, and one
is another. 

If all declarations are done via a certificate that is also used
for authentication, what would be "mechanism for matching" of TWO
things can occur?  

But well, maybe the authors of 3379 may comment.  

Peter