On Wed, Feb 26, 2014 at 7:43 AM, Stephen Farrell <[email protected]>wrote:
> > I'm not that keen on the phrase ritual compliance. > > There is a lot of PKI code in the world that assumes > that issuer/serial is a unique identifier for a good > X.509 certificate. > > It'd be best to not break such code by invalidating > that assumption. > > If there's a good enough reason to do it, that might > be ok, but I figure the burden to demonstrate that > that is in fact ok should be on those arguing for such > a change. > +1 A key ceremony is after all a ritual. And one of the social functions of rituals is to ensure that process is followed correctly. So saying 'mere ritual' is like saying 'mere semantics' when these are meaning. -- Website: http://hallambaker.com/
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
