[Top] [All Lists]

RE: WG Last Call: cmsalg

2001-10-09 08:07:14


I vote for option 3: "Use PKIX for everything except for v1 attribute
certificates; define v1 attribute certificates in the rfc2630bis appendix." 

I agree with Jim Schaad that the S/MIME specs should reference the ASN.1
modules in the PKIX documents instead of the ITU-T documents.  The PKIX
documents are freely available to all, but the ITU-T documents are not. 

To my knowledge, RFC 2630 is the only IETF spec that uses the v1 attribute
certificate syntax, so I agree with Russ Housley that the v1 attribute
certificate syntax should be included in a rfc2630bis appendix.

The S/MIME Freeware Library can ASN.1 encode and decode signedData and
envelopedData content types that include v1 attribute certificates.  I don't
know of any operational use of v1 attribute certificates in signedData and
envelopedData content types.    

John Pawling, John(_dot_)Pawling(_at_)GetronicsGov(_dot_)com
Getronics Government Solutions, LLC

<Prev in Thread] Current Thread [Next in Thread>