The document
- 'Memorandum for multi-domain Public Key Infrastructure
Interoperability'
<draft-shimaoka-multidomain-pki-11.txt> as an Informational RFC
creates the impression that "trust anchors" must always be
self-signed CA certificates.
What is a trust anchor MUST remain completely up to local policy (which
might be a client-local policy in some scenarios), there should
be NO restriction whatsoever what can be configured as a trust anchor.
The idea of a trust anchor is that we trust the (public) key of the
trust anchor, that the PKI implementation may perform a reduced
(certificate) path validation only up to the trust anchor.
The management of trust anchors is also completely a local (policy) issue,
i.e. what keys are considered trust anchors, how they are distributed,
managed and updated.
I am violently opposed to the documents requirements and restrictions
what may an what may not be a trust anchor certificate. Document
published by the IETF (even if just Informational) should neither
make unconditional restrictions (MUST NOT) nor unconditional requirements
(MUST) for the selection of trust anchors. Instead, Protocols and
implementations SHOULD support the use of arbitrary trust anchors
as desired by local policy.
-Martin
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/ietf