+1 to Stephen's comments.
Also, I think the first paragraph's definition of "Web PKI" merits a bit more
full definition. Various folks that aren't quite as familiar with all this may
well be reading and trying to understand the charter.
Suggested enhancement (first paragraph becomes two paragraphs)..
###
The Web PKI is the set of systems and procedures most commonly used, in
conjunction with security protocols such as TLS, to protect the confidentiality,
integrity and authenticity of communications between Web browsers and Web
content servers. More specifically, the Web PKI (as considered here) consists of
the actual contents of the certificates issued to Web application providers by
Certification Authorities (CAs), the certificate validation services provided by
the Authorities to web browsers and their users, and the TLS/SSL protocol stacks
embedded in web servers and browsers.
The Web PKI first appeared in 1993 or thereabouts and has developed continuously
in a somewhat organic fashion since then. Across all the suppliers and the
point releases of their products, there are now hundreds of variations on the
Web PKI in regular use. And this can be a source of problems for end-users,
certificate holders, and certificate issuers.
###
(though, this isn't critial and shouldn't hold anything up)
HTH,
=JeffH
_______________________________________________
wpkops mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/wpkops
