----- Unsent message follows -----
Received: by us3rmc.bb.dec.com; id AA04679; Sat, 18 Sep 93 12:03:41 -0700
Received: by inet-gw-1.pa.dec.com; id AA04058; Sat, 18 Sep 93 08:36:25 -0700
Received: from magellan.tis.com by magellan.TIS.COM id aa01757;
18 Sep 93 11:06 EDT
Received: from tis.com by magellan.TIS.COM id aa01753; 18 Sep 93 11:04 EDT
Received: from azalea.tis.com by TIS.COM (4.1/SUN-5.64)
id AA14231; Sat, 18 Sep 93 11:04:02 EDT
Received: by azalea.tis.com; id AA15823; Sat, 18 Sep 93 11:02:40 EDT
Received: from mit.mit.edu/18.72.2.1 via smap
Received: from TMS-E19-PORT-7.MIT.EDU by MIT.EDU with SMTP
id AA24524; Sat, 18 Sep 93 11:03:38 EDT
Message-Id: <9309181503(_dot_)AA24524(_at_)MIT(_dot_)EDU>
Date: Sat, 18 Sep 93 11:00:21 EST
From: Raymond Lau <raylau(_at_)mit(_dot_)edu>
To: pem-dev(_at_)tis(_dot_)com
Subject: Residential CAs and DN subordination
Cc: 71755(_dot_)204(_at_)compuserve(_dot_)com
I've noticed that RSA broke from the DN subordination requirement with its
residential CA (Unaffiliated User Certification Authority).
Now, TIS has done the same.
I understand the rationale, technical, political and otherwise, behind this
as opposed to having layers of CAs tied to geographical locales or
having the CA's DN appear in the name...
But this is a divergent implementation. With just RSA's UUCA, I satisfied
myself with saying "This is the exception, not the rule." But with TIS
joining the bandwagon, it appears to be the prevalent practice.
Now seems to be the time to appropriately bring the prevalent practice
and the standard into sync. so implementers like myself know how to handle
this case.
-Ray
------- End of Forwarded Message