[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Critical extensions and Policy OIDs

To: Charles Moore <cmoore@xxxxxxxxxxxxx>
Subject: Re: Critical extensions and Policy OIDs
From: "Simonetti David" <simonetti_david@xxxxxxx>
Date: Thu, 11 Dec 1997 15:29:49 -0500
Cc: moshe@xxxxxxxxxxxxxx, ietf-pkix@xxxxxxxxxx
Organization: BAH
References: <>

Charles,

You should direct your comment to X.509, not PKIX-1, since that is where
the requirement originates.  It is only when the extension is made
critical that there is any implication to the application.  PKIX-1 does
not provide a recommendation for criticality.

Dave Simonetti

Charles Moore wrote:
> 
> -----Original Message-----
> From: Simonetti David <simonetti_david@bah.com>
> To: moshe@checkpoint.com <moshe@checkpoint.com>
> Cc: ietf-pkix@Tandem.COM <ietf-pkix@Tandem.COM>
> Date: Friday, 12 December 1997 2:54
> Subject: Re: Critical extensions and Policy OIDs
> 
> :Moshe,
> :
> :I respectively disagree with your analysis.  The paranthetical of PKIX-1
> :is not a reference to cert path validation, but rather is a reference to
> :how the application *uses* the certificate after validation (please
> :let's not debate the merits applying requirements to the application).
> 
> But that is the issue, and PKIX should not try and standardise applications.
> 
> Stick to providing standardised services that let end users make policy
> decisions.

References:
- Re: Critical extensions and Policy OIDs
  - From: Charles Moore

Prev by Date: Re: [IETF-PKIX] 7/10 draft update
Next by Date: draft meeting minutes
Previous by thread: Re: Critical extensions and Policy OIDs
Next by thread: Comments on IPKI Part V: Time Stamp Protocols
Index(es):
- Date
- Thread