Thank you Ryan. Brian reviewed these changes back in May, so I've gone ahead and accepted them for the 2.7 policy update: https://github.com/mozilla/pkipolicy/commit/5657ecf650d70fd3c6ca5062bee360fd83da9d27
I'll consider this issue resolved unless there are further comments. - Wayne On Fri, May 24, 2019 at 1:38 AM Ryan Sleevi <r...@sleevi.com> wrote: > > > On Wed, May 22, 2019 at 7:43 PM Brian Smith <br...@briansmith.org> wrote: > >> Ryan Sleevi <r...@sleevi.com> wrote: >> >>> >>> >>>> It would be easier to understand if this is true if the proposed text >>>> cited the RFCs, like RFC 4055, that actually impose the requirements that >>>> result in the given encodings. >>>> >>> >>> Could you clarify, do you just mean adding references to each of the >>> example encodings (such as the above example, for the SPKI encoding)? >>> >> >> Exactly. That way, it is clear that the given encodings are not imposing >> a new requirement, and it would be clear which standard is being used to >> determine to correct encoding. >> > > Thanks, did that in > https://github.com/sleevi/pkipolicy/commit/80da8acded63618a058d26c73db1e2438a6df9ed > > >> >> I realize that determining the encoding from each of these cited specs >> would require understanding more specifications, including in particular >> how ASN.1 DER requires DEFAULT values to be encoded. I would advise against >> calling out all of these details individually less people get confused by >> inevitable omissions. >> > > Hopefully struck the right balance. These changes are now reflected in the > PR at https://github.com/mozilla/pkipolicy/pull/183 > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy