On October 16, 2019 at 5:34:13 PM, Michael Richardson ([email protected]) wrote:
Michael: Hi! > (3) s/The serialNumber fields is defined in [RFC5280], and is a SHOULD field in > [IDevID]./The serialNumber field is defined in [RFC5280], and is a recommended > field in [IDevID]. Note that SHOULD is not used properly here because it does > not have a Normative quality (as it refers to the other document). I'm > assuming that the replacement is "recommended" (per rfc2119), but it may be > "required". 802.1AR says it is SHOULD. We need to increase this to MUST. RECOMMENDED is a synonym for SHOULD according to 2119. REQUIRED is a synonym for MUST, so if I changed it to REQUIRED then it would still be a problem according to your thinking...? So I could reword as: IDevID certificates for use with this protocol are REQUIRED to include the "serialNumber" attribute with the device's unique serial number (from [IDevID] section 7.2.8, and [RFC5280] section 4.1.2.4's list of standard attributes). which might be an easier read. Please let me know if I am mis-understanding you. The original text sounded as if you were characterizing the field specified in rfc5280. The new text specifies that the serialNumber MUST be there. If that is what you meant from the start, then I’m ok with it. :-) Thanks! Alvaro.
_______________________________________________ Anima mailing list [email protected] https://www.ietf.org/mailman/listinfo/anima
