[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: editorial on Photuris




Perry,

  Regardless of whether some folks have strong objections to X.509,
there DOES exist a community of interest that wants to use it.  There
are known technical problems with putting X.509 into the DNS, hence
DNS certificates are not X.509 format (neither are they PGP).

  It is legitimate for folks in the IPsec WG to work on adding X.509
support as extensions to the various key mgmt proposals.  However, in
my view the burden of producing the specific text changes desired for
such X.509 support is on those folks who wish to use X.509.  If the
document editors are not provided with fairly specific comments on
what changes are desired and why they are desired, then I cannot
fault the editors.  (The same principle on proposing specific text
changes to drafts actually is widely true within the IETF).

Ran
rja@cs.nrl.navy.mil


Follow-Ups: