You wrote:
I hope that the WG will be able to come to some sort of definitive
agreement regarding the issue of DNs, for I believe this is the single
most important issue to be resolved. I've said enough on this
issue, and agree with your position -- civil names are a necessary
component if we are to make nonrepudiation work at all. Otherwise,
we might just as well use RIPEM or PGP, and those people who just
can't solve their internal problems any other way should perhaps
give further consideration to either of those two schemes.
It may not be what you intended, but since it's
clear that the present course of using DNs
unconnected to email addresses is a bust, and
since it's clear that we need a trust hierarchy
that is built from the bobttom instead of the top,
perhaps you really are suggesting we bring RIPEM
and/or PGP into the IETF. This may be the most
fruitful approach. Non-repudiation and other
advanced concepts can be left for another day.
Steve