Just minor nits: Sec 2.1.3.2: - Missing ',' after the exactMatch BOOLEAN - "SEQUENCE of" should be "SEQUENCE OF" - I like it when the SEQUENCE OF includes a SIZE OF(X..MAX) to indicate whether the SEQUENCE OF can have 0 or more or 1 or more members in the SEQUENCE OF. This applies to the ROAIPAddrBlocks and addresses fields.
Sec 2.1.6.2: - It might be useful to point to the res-certs ID for how to make the subjectKeyIdentifier. Additionally, I think it might be good to say the SID must match the SKI of the signer in this section because it talks about making the fields. I know it's in sec 3 step during the "check it" process but I think it should be in the "make it" process section. Sec 2.1.6.5: - RFC3370 says MUST support the rsaEncryption OID and MAY support the shaXYZWithRSAEncryption (where XYZ in this case will be 256) identifier. Should we allow the hash to be explicitly identified? General: - Why no ASN.1 module? spt _______________________________________________ Sidr mailing list [email protected] https://www1.ietf.org/mailman/listinfo/sidr
