On Mon, Dec 07, 2009 at 04:40:05PM -0500, Sean Turner wrote: > Nicolas Williams wrote: > ...snip... > > - A separate I-D for adding labeling information to certificates. > > Are you suggesting that you'd label a certificate? I suspect what > you're talking about is including what labels a user/device supports and > the clearance attribute in the RFC 3281 update > (http://tools.ietf.org/html/draft-ietf-pkix-3281update-05) is defined > for just such a purpose.
Ah, I didn't know that a clearance attribute existed already. Yes, that's exactly what I had in mind. (Incidentally, the I-D you mention has a referenced to X.501-1993, but it doesn't appear in the References sections.) Nico -- _______________________________________________ IPsec mailing list [email protected] https://www.ietf.org/mailman/listinfo/ipsec
