Brian,
On Tue, Sep 9, 2014 at 10:30 AM, Stephen Kent <[email protected]> wrote:
Brian,
Can you re-state your proposal. I'm confused, in part because one does
not sign anything using a cert; one verifies a signed thing using a public
key from a cert.
Rick and Carl did a good job of explaining why my line of reasoning
didn't make sense in the first place, regardless of my poor choice of
terminology.
no problem. people often refer to certs "signing" stuff; I have
a compulsion to note the error every time I see it :-).
By the way, in draft -04 there are similar abuses of terminology that
should be cleaned up. Here's one example, "The resulting
TBSCertificate [RFC5280] is then signed with either [...] a
special-purpose [...] Precertificate Signing Certificate [...] or, the
CA certificate that will sign the final certificate." There are
probably more.
I believe I noted these terminology problems in -03, in my review.
Steve
_______________________________________________
Trans mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/trans
