I completely agree with Ryan.
* Do not touch 5280 as there will be too many competing interests to improve it and interop will be broken or the bis version will be ignored. (Years ago I wanted to re-open PKIX and I learned what a bad idea that is, and I became ACME co-chair instead.) * There are extension points within 5280 that can be used, at the loss of built-in nameConstraints support. That doesn’t seem like a big loss, especially as the semantics for DTN are not clear. * Do not use the 5280 structures without saying this is PKIX, as that will need to great confusion among open source implementors and their users.
_______________________________________________ Acme mailing list Acme@ietf.org https://www.ietf.org/mailman/listinfo/acme
