Paul Wouters <[email protected]> wrote Tue, 12 May 2015 08:27:11 -0400 (EDT):
| As an implementer, can you offer improved text? We are in the process of | writing a bis document after all - now is a good time. Current 6962bis: --8<---------------cut here---------------start------------->8--- "leaf_certificate" is the end-entity certificate submitted for auditing. "certificate_chain" is a chain of additional certificates required to verify the end-entity certificate. The first certificate MUST certify the end-entity certificate. Each following certificate MUST directly certify the one preceding it. The final certificate MUST either be, or be issued by, a root certificate accepted by the log. --8<---------------cut here---------------end--------------->8--- Proposed 6962bis: --8<---------------cut here---------------start------------->8--- "leaf_certificate" is the end-entity certificate submitted for auditing. "certificate_chain" is a chain of additional certificates required to verify the end-entity certificate. A root certificate has an empty certificate_chain. If present, the first certificate MUST certify the end-entity certificate. Each following certificate MUST directly certify the one preceding it. The final certificate MUST either be, or be issued by, a root certificate accepted by the log. --8<---------------cut here---------------end--------------->8--- _______________________________________________ Trans mailing list [email protected] https://www.ietf.org/mailman/listinfo/trans
