Re: [keyassure] Interpreting certificates (and summary)

Zack Weinberg <zack.weinberg@sv.cmu.edu> Wed, 23 February 2011 21:03 UTC

DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; b=mN5xBgL1tIQQB2Bvo86qK4bC0E8lvXq+4sh1H5eMF7Cc15/2qVB/KQHZHIkyBbIb7F F6tk1vYbEJdSMWIIC2Qv4vJbNanZXsdXrHRoZVmhzYTng7P54mjHSYO84GAskFHsqq+t 9TVAUlmr22nv3O6hAY+OoH1JwhjgMgLLvnPD8=
MIME-Version: 1.0
Sender: zack.weinberg@gmail.com
In-Reply-To: <201102232039.p1NKdXR2008868@fs4113.wdf.sap.corp>
References: <AANLkTi=-bGc1ws0VvrsudV55GRk6KasSsydtiWMTNyua@mail.gmail.com> <201102232039.p1NKdXR2008868@fs4113.wdf.sap.corp>
Date: Wed, 23 Feb 2011 13:03:58 -0800
Message-ID: <AANLkTikXbsQuLRaaj54ZcH6=Be8JYZjEnXs5GkwHPKAa@mail.gmail.com>
From: Zack Weinberg <zack.weinberg@sv.cmu.edu>
To: mrex@sap.com
Content-Type: text/plain; charset="UTF-8"
Cc: keyassure@ietf.org, i.grok@comcast.net, Phillip Hallam-Baker <hallam@gmail.com>
Subject: Re: [keyassure] Interpreting certificates (and summary)
Precedence: list

Could we short-circuit this entire argument by deferring to the
protocol being secured for the certificate format?  Concretely,
wording like

      [...] The types defined in this document are:

         1 -- An end-entity certificate, in the wire format used by
the protocol being secured
         2 -- A certification authority's certificate, ditto

zw

Re: [keyassure] Interpreting certificates (and su… Stephen Kent
Re: [keyassure] Interpreting certificates (and su… Martin Rex
[keyassure] Interpreting certificates (and summar… Scott Schmit
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Paul Wouters
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Paul Wouters
Re: [keyassure] Interpreting certificates (and su… Paul Wouters
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Paul Wouters
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Scott Schmit
Re: [keyassure] Interpreting certificates (and su… Paul Wouters
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Paul Wouters
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Martin Rex
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Peter Gutmann
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Martin Rex
Re: [keyassure] Interpreting certificates (and su… Zack Weinberg
Re: [keyassure] Interpreting certificates (and su… Paul Hoffman
Re: [keyassure] Interpreting certificates (and su… Zack Weinberg
Re: [keyassure] Interpreting certificates (and su… Phillip Hallam-Baker
Re: [keyassure] Interpreting certificates (and su… Stephen Kent