[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Deprecate the NR bit?

To: "Peter Williams" <peterw@xxxxxxxxxxxx>, "Fillingham, David W." <dwfilli@xxxxxxxxxxxxxx>, "'Stefan Santesson'" <stefan@xxxxxxxxxxx>, "'Linn, John'" <jlinn@xxxxxxxxxxxxxxxxxxxx>
Subject: RE: Deprecate the NR bit?
From: Tony Bartoletti <azb@xxxxxxxx>
Date: Fri, 27 Aug 1999 10:57:05 -0700
Cc: <ietf-pkix@xxxxxxx>
In-reply-to: <>
References: <>

Peter,

I think you've struck the best compromise that can be reached
on this issue.

___tony___

At 10:27 AM 8/27/99 -0700, Peter Williams wrote:

I agree we should not deprecate the bit; there are coherent
application contexts, including NATO X.400 secure inter-personal
and organizational messaging service, and Authenticode. Neither
of these contexts deviate from the ISO NR definitions and intent.

We should remove any "mandatory requirement" for
use of the NR-bit in IETF std protocols/profiles, however.

Use of the NR bit should always be an operational
choice; it is helpful if operational context(s)
is/are signaled in the enhancedKeyUsage field.

Any PKIX language which implies a dependency between
use of the NR bit and any other key usage bit, should be
ignored for the purpose of compliance testing.

Tony Bartoletti LL
IOWA Center LL LL
Lawrence Livermore National Laboratory LL LL LL
PO Box 808, L - 089 LL LL LL
Livermore, CA 94551-9900 LL LL LLLLLLLL
phone: 925-422-3881 fax: 925-423-8081 LL LLLLLLLL
email: azb@llnl.gov LLLLLLLL

References:
- RE: Deprecate the NR bit?
  - From: Fillingham, David W.
- RE: Deprecate the NR bit?
  - From: Peter Williams

Prev by Date: RE: Deprecate the NR bit?
Next by Date: Re: Deprecate the NR bit?
Previous by thread: RE: Deprecate the NR bit?
Next by thread: Re: Deprecate the NR bit?
Index(es):
- Date
- Thread