On Wed, May 22, 2019 at 7:43 PM Brian Smith <[email protected]> wrote:
> Ryan Sleevi <[email protected]> wrote: > >> >> >>> It would be easier to understand if this is true if the proposed text >>> cited the RFCs, like RFC 4055, that actually impose the requirements that >>> result in the given encodings. >>> >> >> Could you clarify, do you just mean adding references to each of the >> example encodings (such as the above example, for the SPKI encoding)? >> > > Exactly. That way, it is clear that the given encodings are not imposing a > new requirement, and it would be clear which standard is being used to > determine to correct encoding. > Thanks, did that in https://github.com/sleevi/pkipolicy/commit/80da8acded63618a058d26c73db1e2438a6df9ed > > I realize that determining the encoding from each of these cited specs > would require understanding more specifications, including in particular > how ASN.1 DER requires DEFAULT values to be encoded. I would advise against > calling out all of these details individually less people get confused by > inevitable omissions. > Hopefully struck the right balance. These changes are now reflected in the PR at https://github.com/mozilla/pkipolicy/pull/183 _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
