Hi, Section 10.1, last but one paragraph says, "The configuration file is a binary file ... is signed using the standard SecurityBlock defined in Section 5.3.4."
The SecurityBlock includes the GenericCertificate bucket followed by the Signature. Don't the <roo-cert> elements contain all the necessary certificates to validate the configuration file? If that is true why include the GenericCertificate bucket, and why not just the Signature alone in the base64 encoded and appropriately named <signature> element? Thanks --Michael _______________________________________________ P2PSIP mailing list [email protected] https://www.ietf.org/mailman/listinfo/p2psip
