Stephen, I'm puzzled by your "advice."
The IETF cites documents of other SDOs when relevant and when they do not conflict with the scope of IETF WGs. The CABF has created a profile of 5280, and 3647, for the Web PKI context, precisely the context that CT is addressing. Ben asserted that mis-issuance entails more than the simple notion that a cert was issued to the "wrong" subject. He specifically cited key size and EV cert criteria. These are criteria defined by the CABF guidelines. How can we proceed on CT if we don't have a solid definition of the problem it purports to address? Certainly detecting mis-issuance has to be well-defined. Steve
We've received a reminder from our friendly area director not to introduce any normative dependencies on CAB Forum documents or processes, as well as a query about how much x.509 processing should be specified, as well. Melinda _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
_______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
