Chris,
I'm happy for the text to indicate that the format described for a certs
only message could be used to transport CRLs or both, as long as the text
also states that if CRLs or both are being transported the OID for certs
only MUST not be used.
Do we have consensus :-)
Bill.
-----Original Message-----
From: Bonatti, Chris [mailto:BonattiC(_at_)ieca(_dot_)com]
Sent: 26 February 2001 16:10
To: William Ottaway
Cc: jimsch(_at_)exmsft(_dot_)com; ietf-smime(_at_)imc(_dot_)org
Subject: Re: Certs-only Mechanism for X.400 Transport
Bill,
Okay, how about option (3) ;-)
(3) would be we clarify the text, but describe more clearly
what I think was
the intent of RFC 2633. Namely, that the format described and
identified as
"certs-only" can be used to convey either certs, CRLs or both.
Btw, I would happily go along with either (1) or (2) if the
corresponding
change were made to the MSG spec. I guess I still favor (3)
however, because I
perceive it to be the status quo, and because allowing CRLs to be
included here
doesn't seem to break anything for the PKCS #10 scenario. I'd be
hard pressed
to cite the benefits, though. Does anybody remember the logic
for why this was
done?
Chris
_______________________
William Ottaway wrote:
Jim,
I think I'm inferring what is done. :-)
My only gripe is I don't like the statement "This format can
also be used to
convey CRLs." followed by a description of how to carry
certificates but no
description of how to carry CRLs in a similar format.
Its too late to change RFC 2633 but draft-ietf-smime-x400trans could say
something different.
1) Don't mention that CRLs can be carried in a similar way to a
certs only
message
or
2) Specify an OID for a CRL only message.
Bill.