ietf

Re: Last Call: 'Required functions of User Interface for the Internet X.509 Public Key Infrastructure' to Informational RFC

2005-07-04 11:40:14
Hi.  I have attempted to review this draft.  I do not believe this
document is suitable for publication.


First, the writing quality is a serious obstacle to understanding the
document.  Ultimately I'm still not sure what the document was trying
to require.

The document presumes a single model of PKI usage where certificates
and private keys are used across multiple applications.  There are
other models that are important to support as well.


The document establishes conventions to store private keys and
certificates in host operating system filesystems.  The document
violates the filesystem conventions of the host operating systems in
question and fails to realize that at least Windows and OS X already
have mechanisms for storing private keys and certificates.

The document requires private keys to be exportable.  That violates
the policy of several PKI deployments.

This review is not exhaustive.  If the general scope and writing
problems are solved I would need the opportunity to review the
document from scratch.  I might still conclude the document is not
suited for publication.

  • Re: Last Call: 'Required functions of User Interface for the Internet X.509 Public Key Infrastructure' to Informational RFC, Sam Hartman <=