[mailto:owner-ietf-mailsig(_at_)mail(_dot_)imc(_dot_)org] On Behalf Of
Douglas Otis
I read the security review by Russell Housley. The concerns raised
were regarding a means to adopt future changes to the signature
algorithm, and to properly define the current algorithm within the
draft.
Actually Russ goes into rather a lot of discussion of X.509 and PKIX.
This is not very suprising given that Russ is one of the authors of the
PKIX spec.
The document makes it very clear that demonstrating extensibility is an
important criteria.
I am sure that if there is indeed such a large degree of ambiguity in
the text that the Security AD for MASS will be only too happy to
eliminate it.