IƱigo/Bruce - As you know there are broad categories of SSL server certificates, depending on the name forms they contain and the way in which the name values are validated. They must contain an IP address or DNS name. And, they may contain a corporate or institutional name. The values are validated with an authority responsible for registering the particular name form. So, the trustworthiness of the certificate contents depends upon the trustworthiness of the naming authority.
It seems to me that the naming authority or authorities is/are part of the trust model. Do you agree? Should its role be described in your draft? All the best. Tim. _______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops