On 05/13/2008 2:47 PM, Dave Cridland wrote: > On Tue May 13 20:37:39 2008, Justin Karneges wrote: >> On Tuesday 13 May 2008 11:40 am, Dave Cridland wrote: >> > On Tue May 13 19:29:33 2008, Justin Karneges wrote: >> > > Two sets? >> > >> > Yes. One that says "If any xmppAddr is present, use only xmppAddr", >> > another that says "but fallback to dNSName". This is okay as long as >> > both ends know which identities are authenticated. >> >> 3920, section 14.2, case #1 essentially says that if the xmpp field is >> present >> then use it, otherwise fall back to dNSName (and then commonName). >> Where is >> the other set of rules? >> >> > Hmmm... I suppose you could read that as the method for checking > certificates, and 6.4.2 as the method for generating them. I think both > could be a lot clearer, though.
Is the new text clearer? http://www.xmpp.org/internet-drafts/draft-saintandre-rfc3920bis-05.html#security-certificates Perhaps I'll post it to the list here as a new thread so that folks can comment on it.... Peter -- Peter Saint-Andre https://stpeter.im/
smime.p7s
Description: S/MIME Cryptographic Signature
