On Mar 20, 2008, at 1:52 AM, Dean Willis wrote: > > On Mar 19, 2008, at 6:56 PM, Cullen Jennings wrote: >> >> And certs has the text >> >> I-D.sip-eku [9] describes the method to validate any Extended Key >> Usage values found in the certificate for a SIP domain. >> Implementations MUST perform the checks prescribed by that >> specification. >> >> which seems to me like it could be changed to >> >> I-D.sip-eku [9] describes the method to validate any Extended Key >> Usage values found in the certificate for a SIP domain. >> > > > So the above text means to me "If you receive a certificate for a > SIP domain that contains any Extended Key Usage values, you MUST > validate them according to the procedures of I-D-sip-eku [9]."
I'm assuming that be above text you mean my proposed change, not the the current text in the draft. I would have interpreted my proposed change to mean something closer to "As a FYI to the reader, there is another specification you might be interested in. If you want to do Extended Key Usages there is this other specification, sip-eku, that can be implement but implementation of the domain-certs specification does not require you to implement sip-eku". If you and I are reading this differently ways perhaps you could propose some text for this sentence so that there is no chance of ambiguity. _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
