On Tue, Sep 12, 2017 at 5:59 AM, Dmitry Belyavsky via dev-security-policy <dev-security-policy@lists.mozilla.org> wrote: > Here is the new version of the draft updated according to the discussion on > mozilla-dev-security list.
Given that RFC 5914 already defines a TrustAnchorList and TrustAnchorInfo object and that the Trust Anchor List object is explicitly contemplated as being included in a signed CMS message, would it not make more sense to start from 5914 and define new extensions encode constraints not currently defined? Thanks, Peter _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
