At 09:51 AM 10/25/99 -0400, David P. Kemp wrote:
Since LDAP directories have both user and CA certificate attributes,
Agree.
and LDAP is the Internet mechanism of choice for publishing and retrieving
certificates,
Disagree. We are far from understanding how certificates are and will be
published. LDAP certificate retrieval is well-defined, but not yet widely
implemented, particularly for S/MIME MUAs.
it would seem that a draft which proposes an alternative
cert publishing mechanism as an Internet Standard would have a high
burden of proof to justify the duplication.
If this draft was coming out three years from now, yes. As it is, we have
so little understanding of S/MIME customer needs, I don't think having an
alternative mechanism is harmful.
The IESG is relatively
strict in discouraging the definition of overlapping mechanisms.
We only wish. :-) A topically relevant counterexample: S/MIME and OpenPGP.
--Paul Hoffman, Director
--Internet Mail Consortium