That seems excellent. Hal
> -----Original Message----- > From: Marcos Caceres [mailto:[EMAIL PROTECTED] > Sent: Wednesday, April 02, 2008 8:04 PM > To: Hal Lockhart > Cc: [EMAIL PROTECTED]; [email protected]; member-xmlsec- > [EMAIL PROTECTED] > Subject: Re: [widgets-digsig] Comment on use of X.509 v3 > > > Since this is not well understood and the document is not generally > > accessible, you might want to repeat the above in your document. In > > fact, I would suggest changing it to say: > > > > Implementations MUST be prepared to accept any version certificate. > > The spec now reads: > "Implementations must be prepared to accept all X.509 certificates > versions identified in [X509v3] via the version field. To be clear, > the value of the version field identifies the version of an X.509 > certificate in the following way: > 0 is X.509 version 1, > 1 is X.509 version 2, > 2 is X.509 version 3, > if the version field is omitted, then treat the certificate as X.509 > version 1." > > Please let me know if that is clear enough. > > Kind regards, > Marcos > > -- > Marcos Caceres > http://datadriven.com.au
