<galvin(_at_)tis(_dot_)com>:
PEM/MIME is happy to use whatever version of certificate suits the user.
The choice is irrelevant to the support of the PEM protocol and security
services since the specification only cares about the presence of a
public key.
<Juneman(_at_)gte(_dot_)com>:
Is it your position that since PEM/MIME is supposed to be a delta off of the
baseline PEM document, that the specification change to support X.509 v3
should be made to RFC1421-4, and that conformant PEM/MIME implementations
would then ipso facto support those changes?
The description of the <cert> and <crl> productions in draft-ietf-pem-mime-07
section 5.2 (application/pemkey-data) provide only that the values of the
"Certificate" and "CRL" fields are in a particular <encbin> encoding, but do
not provide a reference for an ASN.1 value which should be encoded and placed
there.
As in sections 2.1.3 and 2.2.4 there are explicit references for new ASN.1
values being used (the 'Name' of X.501 and the 'SubjectPublicKeyInfo' of X.509)
, and formats similar to those of PEM other than certificates and CRLs are
described in section 14 as being imported from RFC 1421/1423, would it be
clearer if in section 5.2 there was a comment inserted, similar in style to
those in 1421:
The definitions and semantics of certificates and CRLs are to be
found in [4].
([4] is RFC 1422)
------------------------------------------------------------
Mark Wahl; M(_dot_)Wahl(_at_)isode(_dot_)com; ISODE Consortium;
http://www.isode.com/