Aaron Gable <[email protected]> wrote: > I have plans to get rid of the CSR entirely, but that's a discussion for a > different draft.
<insert evil cackle>
>> As a minor thought:
>>
>> "profiles": {
>> "profile1": "https://example.com/acme/docs/profiles#profile1
>> ",
>> "profile2": "https://example.com/acme/docs/profiles#profile2
>> ",
>> }
>>
>> maybe instead:
>>
>> "profiles": {
>> "profile1": { "doc" : "https://example.com/acme/docs/profile1";
>> }
>> "profile2": { "doc" : "https://example.com/acme/docs/profile2";
>> }
>> }
>>
>> I don't have a good suggestion right now for a machine readable version
of
>> the profile. I don't know if there is one beyond some legal template
for
>> a
>> CSP, but perhaps there will be one in the future.
>>
> I'm actually pretty opposed to the idea of machine-readable profile
> descriptions. This is because they will inevitably expand to cover every
> possible aspect of a certificate, and this leads to three problems:
Fair enough.
Like I said, I didn't say that there was a good one...
> That said, making this field a dictionary means that if someone comes up
> with a *good* idea of something to annotate a profile with, at least we'll
> have a place to put it. This is a good future-proofing idea, so I've filed
> https://github.com/aarongable/draft-acme-profiles/issues/13 for this.
Thank you!
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | IoT architect [
] [email protected] http://www.sandelman.ca/ | ruby on rails [
--
Michael Richardson <[email protected]> . o O ( IPv6 IøT consulting )
Sandelman Software Works Inc, Ottawa and Worldwide
signature.asc
Description: PGP signature
_______________________________________________ Acme mailing list -- [email protected] To unsubscribe send an email to [email protected]
