As PaulH said ... finally decloaking after being off this topic for a while.
Apologies for latency.
Peter, thanks for updating the draft!
All -- good discussion on the list, thanks for all the thoughtful contributions
-- the spec is much better for it.
Yes, I have various bits of feedback on -07, some described below. This is
without a careful review though, and is driven by reading through the recent
threads on certid@ and checking -07 for how the issues were addressed. I concur
with the decisions taken. It seems that all raised issues were nominally
addressed in -07, so the below are (subtle-but-important) nits.
=JeffH
------
[ the below items aren't necessarily difficult to clean up, I'm just noting
them for the record for now ]
* It seems to me coming to this new revision of the spec somewhat "fresh", that
the concepts being addressed could build more cleanly from (especially) section
1.1 (intro/motivation), section 2 Names, and section 3 Representation of Server
Identity. I can take a whack at making concrete suggestions by early/mid this
next week.
* need to explicitly define (at least) the below terms/phrases in section 1.3
if we are going to use them..
    attribute-type-and-value pair
    DER encoding
    Internet application ..or.. application service ..or.. ?
    service provider
    subjectAltName (this term is used in section 1.3 but isn't itself defined
    until section 2.2)
* I think we need to review the terms/phrases we use to reference cert
components and aspects thereof. I think we're being inconsistent and at times
ambiguous (need to do careful review). Unfortunately other specs we depend on
use non-congruent terminology it seems.
E.g. in just sections 2.2 and 3 we use these various terms/phrases wrt
"subjectAltName"...
    subjectAltName extension
    subjectAltName extension types
    subjectAltNames
    subjectAltName entry
    SubjectAltName field
    subjectAltName identifier
    subjectAltName identifier types
    subjectAltName identifier of type
    [the GeneralName structure in] the subjectAltName
..and then including the rest of the spec we also use (in addition to the
above)..
    application-specific subjectAltName extensions
    subjectAltName extension of type
    subjectAltName extensions of type
Obviously various of the above terms/phrases are redundant and we ought to
clean this up.
---
end
_______________________________________________
certid mailing list
https://www.ietf.org/mailman/listinfo/certid