From: phoffman [SMTP:phoffman(_at_)imc(_dot_)org]
Sent: Monday, October 25, 1999 5:09 PM
Subject: Re: Working Group Last Call:draft-ietf-smime-certdist-04.txt
At 09:51 AM 10/25/99 -0400, David P. Kemp wrote:
Since LDAP directories have both user and CA certificate attributes,
and LDAP is the Internet mechanism of choice for publishing and retrieving
Disagree. We are far from understanding how certificates are and will be
published. LDAP certificate retrieval is well-defined, but not yet widely
implemented, particularly for S/MIME MUAs.
Is this sufficient grounds to junk it? If it is not widely implemented yet
because of inherent problems, then fine, but if it is simply due to its
newness(my vote) we risk delaying the implementation of either by muddying the
water with the introduction of a second.
it would seem that a draft which proposes an alternative
cert publishing mechanism as an Internet Standard would have a high
burden of proof to justify the duplication.
If this draft was coming out three years from now, yes. As it is, we have
so little understanding of S/MIME customer needs, I don't think having an
alternative mechanism is harmful.
The IESG is relatively
strict in discouraging the definition of overlapping mechanisms.
We only wish. :-) A topically relevant counterexample: S/MIME and OpenPGP.
Pause for a moment... Do you really?(wish that is)
If you did, why would you support the introduction of an overlapping standard.
--Paul Hoffman, Director
--Internet Mail Consortium