[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: CA vs. EE cert processing

To: "'John_Wray@xxxxxxxx '" <John_Wray@xxxxxxxx>, "'Stephen Kent '" <kent@xxxxxxxxxxx>
Subject: RE: CA vs. EE cert processing
From: Alan Lloyd <Alan.Lloyd@xxxxxxxxxxxxxxxxxxxx>
Date: Wed, 14 Apr 1999 21:00:37 +1000
Cc: "'ietf-pkix@xxxxxxx '" <ietf-pkix@xxxxxxx>
List-archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
Sender: owner-ietf-pkix@xxxxxxx

Comments 

Steve wrote:

Itoo  am surprised that there is disagreement, but about the need to
change
X.509, not to change 2459.  PKIX is new, but X.509 for v3 is essentially
just as new.  an argument based on deployed PKIX vs. X.509 v3 compliant
systems does not hold water. I object to the notion that we should
change
2459 to compensate for what strikes me as an oversight in X.509.

Steve

I am also surprised that with the number of X.500 specialists on this
list that they are not saying that X.509 has errors.
I think most of think that X.509 is a standard that provides a
transition strategy to the use of extensions. And RFC 2450 is a profile
(hence its title) that determines how (repeat HOW) that standard is
used.
If the profile reflects an ambiguity (which is deemed by a few) in the
standard, then the profile document has failed.

Simple isnt it.

regards alan

Follow-Ups:
- RE: CA vs. EE cert processing
  - From: Stephen Kent

Prev by Date: Double quotes in DNs
Next by Date: New proposed solution to the QC biometric issue
Previous by thread: Re: CA vs. EE cert processing
Next by thread: RE: CA vs. EE cert processing
Index(es):
- Date
- Thread