Folks: Scott and I have just released new versions of domain-certs (-01) and sip-eku (-02).
Regarding sip-eku, Paul Hoffman from the PKIX WG has advised us that we should probably NOT use EKU to indicate that the party associated with this public key is an authorized SIP proxy for the domain named in the certificate. Instead, it has been suggested that it will be cleaner to use a actual extension that goes into the "extensions" field at the end of TBSCertificate sequence. Scott and I will be meeting Paul and others from the PKIX WG to sort this out during the DUB IETF. The changes that result from this will be minor from the editing point of view, so we will expeditiously get a new version out as soon as we agree to the semantics. In the meantime, the new versions of the drafts can be obtained from: http://www.ietf.org/internet-drafts/draft-ietf-sip-domain-certs-01.txt and http://www.ietf.org/internet-drafts/draft-ietf-sip-eku-02.txt Thanks, - vijay -- Vijay K. Gurbani, Bell Laboratories, Alcatel-Lucent 2701 Lucent Lane, Rm. 9F-546, Lisle, Illinois 60532 (USA) Email: [EMAIL PROTECTED],bell-labs.com,acm.org} WWW: http://www.alcatel-lucent.com/bell-labs _______________________________________________ Sip mailing list https://www.ietf.org/mailman/listinfo/sip This list is for NEW development of the core SIP Protocol Use [EMAIL PROTECTED] for questions on current sip Use [EMAIL PROTECTED] for new developments on the application of sip
