[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NR, redux, again.

To: <oscar.jacobsson@xxxxxxxxxxx>
Subject: Re: NR, redux, again.
From: "Bob Jueneman" <BJUENEMAN@xxxxxxxxxx>
Date: Mon, 01 Nov 1999 09:57:12 -0700
Cc: <ietf-pkix@xxxxxxx>

>>> Oscar Jacobsson <oscar.jacobsson@celocom.com> 11/01/99 09:46AM >>>
Bob Jueneman wrote:
> Then, once it becomes obvious that a single bit is not sufficient
> to represent all of the different and useful notions that are at
> least close to NR, we can them make progress in defining those
> addition bits or states.

Mr. Jueneman, list:

This might well constitute sticking my neck out too far, but since the
certificatePolicies extension has room for more than one
PolicyInformation SEQUENCE, could not the PKIX working group try working
out a set of the most common conceptions of the usage of the NR bit and
define CertPolicyId's for them that conformant CAs could add to their
own?

The combination of NR-specific policyIdentifier and presence/absence of
NR-bit should hopefully be sufficient to represent at least the
different notions present in the PKIX working group.

Just a thought.

//oscar

Oscar, that's a thought, and one of a number of possibilities.

But one of the most important issues that your suggestion brings up
is whether NR has anything to do with a CA  AT ALL, and therefore
whether it is appropriate to represent in a CertPolicyId extension.

Bob

Follow-Ups:
- Re: NR, redux, again.
  - From: Tony Bartoletti

Prev by Date: Re: NR, redux, again.
Next by Date: RE: Comments on draft-ietf-pkix-ldap-v3-01.txt
Previous by thread: Re: NR, redux, again.
Next by thread: Re: NR, redux, again.
Index(es):
- Date
- Thread