Nicolas Williams wrote:
On Mon, Dec 07, 2009 at 04:40:05PM -0500, Sean Turner wrote:
Nicolas Williams wrote:
...snip...
- A separate I-D for adding labeling information to certificates.
Are you suggesting that you'd label a certificate? I suspect what
you're talking about is including what labels a user/device supports and
the clearance attribute in the RFC 3281 update
(http://tools.ietf.org/html/draft-ietf-pkix-3281update-05) is defined
for just such a purpose.
Ah, I didn't know that a clearance attribute existed already. Yes,
that's exactly what I had in mind. (Incidentally, the I-D you mention
has a referenced to X.501-1993, but it doesn't appear in the References
sections.)
It's in AUTH48 and the RFC editors caught that.
spt
_______________________________________________
IPsec mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/ipsec
