In message <[EMAIL PROTECTED]>, Peter Gutmann writes:
>"Enzo Michelangeli" <[EMAIL PROTECTED]> writes:
>
>>Apart from standards issues, one thing I'd like to see added to popular S/MIM
>E
>>agents is a mini-CA to issue self-signed certificates. This would allow peopl
>e
>>to use S/MIME as they use PGP (who relies on the WoT anyway?), breaking the
>>dependency from hierarchical CA's. Creating such an agent would be now a viab
>le
>>OpenSource project, without any need for expensive toolkit licenses.
>
>I have an RFC draft for this which I wrote a while back but it was rejected by
>the PKIX WG chair(s) ("I am concerned that we not turn PKIX into PGP with ASN.
>1
>syntax"), and I haven't had the motivation to publish it as an independent
>draft - would anyone even notice?.
Purely procedurally, if you tried to get it published as an RFC it
would probably be bounced by the IESG -- there's a policy against RFCs
that are or appear to be end-runs around a working group. If something
is in a WG's area, it's up to them to publish it.
--Steve Bellovin
