[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [IETF-PKIX] Defintion of terms

To: IETF-PKIX@xxxxxxxxxxxxxxxx
Subject: Re: [IETF-PKIX] Defintion of terms
From: Phillip M Hallam-Baker <pbaker@xxxxxxxxxxxx>
Date: Fri, 19 Dec 1997 13:25:14 -0500
Reply-to: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>
Sender: "IETF X.509-based public key infrastructure mailing list" <IETF-PKIX@xxxxxxxxxxxxxxxx>

>Colleagues - Here is my proposal ...
>
>Authority A cross-certifies Authority B if the subscriber community of A
>is extended (potentially with restrictions) to include all, or a
>sub-set, of the subscriber community of B.  But, the relying party
>community of A is not so extended.


This strikes me as a precisely defining a vague notion of the term.

This definition specifies an outcome rather than a procedure. Since
'Certification' is a well defined proceedure in the PKIX vocabulary I
would expect any term of the form 'x-Certification' to be a more
specialized variant of the basic certification proceedure.

Put another way the term is defined in the manner of a requirement
while many people would expect it to refer to an implementation.

The problem becomes more clear when one considers the noun
form of the verb. If I know what certification, cross-certification
and certificate mean then the meaning of 'cross-certificate' should
be self explanatory. I don't think the proposed definition achieves
this.

Where is the term used in the PKIX specs?

        Phill

Prev by Date: Re: [IETF-PKIX] Defintion of terms
Next by Date: Re: [IETF-PKIX] Defintion of terms
Previous by thread: Re: [IETF-PKIX] Defintion of terms
Next by thread: Re: [IETF-PKIX] Defintion of terms
Index(es):
- Date
- Thread