On 27/12/2018 17:13, Jakob Bohm wrote:
On 27/12/2018 17:02, Rob Stradling wrote:
On 27/12/2018 15:38, Jakob Bohm via dev-security-policy wrote:
<snip>
For example, the relevant EKU is named "id-kp-serverAuth" not "id-kp-
browserWwwServerAuth" . WWW is mentioned only in a comment under the
OID definition.
Hi Jakob.
Are you suggesting that comments in ASN.1 specifications are meaningless
or that they do not convey intent?
Also, are you suggesting that a canonical OID name must clearly convey
the full and precise intent of the purpose(s) for which the OID should
be used?
In general no. However in this special case, the comment is
inconsistent with everything else.
Furthermore, this particular comment is absent in the actual ASN.1
module at the end of RFC5280, making it clear that it isn't a semantic
comment.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
