James,
Thanks for the edits I applied them,
PKIX-CA vs TA I'm not sure what the consensus of the WG was and ask chairs to
rule on that.
Olafur
On Sep 19, 2013, at 6:00 PM, James Cloos <[email protected]> wrote:
> PKIX-TA looks better than PKIX-CA; CA makes it look like it has to be an
> association to a root cert.
>
> It would be nice to have a better short description for type 3 than
> Domain-issued certificate, notwithstanding the existance of that string
> in rfc 6698. DANE isn't about issuing certs, but rather about
> establishing trust paths to them. But I cannot come up with an
> alternative....
>
> Nits:
>
> The paragraph: "It is expected that DANE parser's in applications and
> DNS software MAY adopt parsing the acronyms for each field, installed
> base MAY NOT get updated." could use better grammar. Perhaps:
>
> s/each field, installed base/each field, but the installed base/
>
> And perhaps /MAY NOT/may not/. Unlike the first MAY, the may not isn't
> really a 2119. (The Nits link agrees.)
>
> In the xml, I'd do:
>
> s(<c>CA constraint</c>)(<c>CA constraint</c>)
>
> it should look better in the output.
>
> -JimC
> --
> James Cloos <[email protected]> OpenPGP: 1024D/ED7DAEA6
>
>
> _______________________________________________
> dane mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dane
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
