Thanks Rick. Regarding definitions, from the very first draft, the terminology used in RFC 5280 is not defined in this document. We haven´t had defined CA, nor RA, because it´s "mentioned" in the RFC 5280, and didn´t want to add new definitions. That´s why at the beginning of definitions indicate that the terminology used in RFC 5280 is going to be used, so CA and RA are not going to be incorporated.
For root CA I think you´re considering the "CA" as a company when say "... with one or more root certificates ..." so I prefer to keep the current definition For root store, is more or less the same when you add "... typically belonging ..." which again I think you´re referring CA as a company. I think the browsers don´t mind if some of the root CAs belong to the same CA company, they just add root CAs. I´ll correct the typo. Didn´t see it. Regards Iñigo Barreira Responsable del Área técnica i-barre...@izenpe.net 945067705 ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ! ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente. -----Mensaje original----- De: Rick Andrews [mailto:rick_andr...@symantec.com] Enviado el: sábado, 24 de mayo de 2014 1:40 Para: Barreira Iglesias, Iñigo; wpkops@ietf.org Asunto: RE: [wpkops] RV: New Version Notification fordraft-ietf-wpkops-trustmodel-01.txt Iñigo, I'm confused by the Definitions (Section 1.2). Several of them include "CA" without that being defined. How about: CA - Certificate Authority, an entity that issues certificates Root CA - a CA with one or more Root certificates whose public key) are included as trust anchors in a root store Root store - a set of Root certificates, typically belonging to different Root CAs, which can be trusted by a browser I suggest that you add a definition for Registration Authority too, since it's used but not defined. Section 2.2.1 doesn't really define it. Typo in Section 3.2.1: " the root CA conforms. , inIn addition," -Rick -----Original Message----- From: wpkops [mailto:wpkops-boun...@ietf.org] On Behalf Of i-barre...@izenpe.net Sent: Friday, May 23, 2014 5:01 AM To: wpkops@ietf.org Subject: [wpkops] RV: New Version Notification for draft-ietf-wpkops-trustmodel-01.txt Iñigo Barreira Responsable del Área técnica i-barre...@izenpe.net 945067705 ERNE! Baliteke mezu honen zatiren bat edo mezu osoa legez babestuta egotea. Mezua badu bere hartzailea. Okerreko helbidera heldu bada (helbidea gaizki idatzi, transmisioak huts egin) eman abisu igorleari, korreo honi erantzuna. KONTUZ! ATENCION! Este mensaje contiene informacion privilegiada o confidencial a la que solo tiene derecho a acceder el destinatario. Si usted lo recibe por error le agradeceriamos que no hiciera uso de la informacion y que se pusiese en contacto con el remitente. -----Mensaje original----- De: internet-dra...@ietf.org [mailto:internet-dra...@ietf.org] Enviado el: viernes, 23 de mayo de 2014 13:59 Para: Barreira Iglesias, Iñigo; Bruce Morton; Barreira Iglesias, Iñigo; Bruce Morton Asunto: New Version Notification for draft-ietf-wpkops-trustmodel-01.txt A new version of I-D, draft-ietf-wpkops-trustmodel-01.txt has been successfully submitted by Inigo Barreira and posted to the IETF repository. Name: draft-ietf-wpkops-trustmodel Revision: 01 Title: Trust models of the Web PKI Document date: 2014-05-20 Group: wpkops Pages: 11 URL: http://www.ietf.org/internet-drafts/draft-ietf-wpkops-trustmodel-01.txt Status: https://datatracker.ietf.org/doc/draft-ietf-wpkops-trustmodel/ Htmlized: http://tools.ietf.org/html/draft-ietf-wpkops-trustmodel-01 Diff: http://www.ietf.org/rfcdiff?url2=draft-ietf-wpkops-trustmodel-01 Abstract: This is one of a set of documents to define the operation of the Web PKI. It describes the currently deployed Web PKI trust. Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. The IETF Secretariat _______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops _______________________________________________ wpkops mailing list wpkops@ietf.org https://www.ietf.org/mailman/listinfo/wpkops
