On Nov 7, 2012, at 10:39 PM, Randy Bush <ra...@psg.com> wrote: >> This would leave Rama and hanuman dependent on the CA services but not >> aware of the CPS term and conditions despite the explicit requirement >> specified in the PKIX profile? > > OMG!!! my router forgot to call her lawyer! call the network police? > > john, you have been out of ops for waaaaay too long.
I know that just smashing the bits together until they click seems like a lot of fun, but the semantics behind the PKIX certificates are actually there for good reason. While I'm sure you can make the bits syntactically fit, it is equally important that there is an actual meeting of the minds regarding the nature of the services to provided by the CA and to be used by the relying party. /John _______________________________________________ sidr mailing list sidr@ietf.org https://www.ietf.org/mailman/listinfo/sidr