Re: [Servercert-wg] [secdir] Secdir last call review of draft-gutmann-testkeys-04

Hi Wayne, This is helpful and much appreciated! > On Jul 18, 2023, at 11:15 AM, Wayne Thayer wrote: > > Hi Clint, > > Thank you for helping to unpack my concerns. > > On Mon, Jul 17, 2023 at 2:28 PM Clint Wilson > wrote: >> Hi Wayne, >> >> I’d like to better

Re: [Servercert-wg] [secdir] Secdir last call review of draft-gutmann-testkeys-04

Hi Clint, Thank you for helping to unpack my concerns. On Mon, Jul 17, 2023 at 2:28 PM Clint Wilson wrote: > Hi Wayne, > > I’d like to better understand your worry and perhaps interpretation of BR > 6.1.1.3(4) and 4.9.1.1(3,4,16). Just to restate for my benefit, the concern > is that: IF we

Re: [Servercert-wg] [secdir] Secdir last call review of draft-gutmann-testkeys-04

Hi Tim, On 18/7/2023 5:59 μ.μ., Tim Hollebeek via Servercert-wg wrote: Part of the problem here is a lack of a shared understanding of what it means to bind a keypair to an identity. It’s perfectly reasonable to argue that a certification authority’s only role is to verify the identity

Re: [Servercert-wg] [secdir] Secdir last call review of draft-gutmann-testkeys-04

Part of the problem here is a lack of a shared understanding of what it means to bind a keypair to an identity. It’s perfectly reasonable to argue that a certification authority’s only role is to verify the identity (which could be a domain name), and associate the owner’s chosen public key