On Mon, Dec 02, 2013 at 04:34:37PM -0500, James Cloos wrote:
> My pref is that the suffices be the same for each of the prefices,
> therefore PKIX-TA vs DANE-TA vs PKIX-EE vs DANE-EE.
I'm all for neatly aligned text, and I appreciate the increased
cosmetic appeal, but surely the fact that this masks semantic
differences is more important.
The CA in usage 0 is not a trust anchor, but it is in usage 2.
The chain in usage 2 still requires PKIX validation, be it with
a dynamically obtained trust anchor.
So PKIX-TA and DANE-TA are each misleading, the first is not a TA,
the second is still PKIX. Are the acronyms just supposed to be
more memorable than the numbers, or are they supposed to concisely
convey the associated meaning?
--
Viktor.
_______________________________________________
dane mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/dane
