Jim:
(2) Sec. 4.2. Description of the KEYSEL field. The current
wording says "A suggested value is to use a portion (low-order
16 bits or 32 bits) or all of the actual public key used".
Given the substantial debate on this topic, and the final clear
lack of consensus that an approach such as lower-order bits of
the public key is desirable, inclusion of the above statement
does not reflect the consensus of the discussion. Delete this
sentence.

I must confess, Warwick, that while I agree with you we're in the
minority. It seemed to me there was clear consensus that the document
needed to suggest some value to place in this field. My best guess on
the favored suggestion was part of the actual key.
Since it's just a suggestion I view changing it as an editorial change.
That means given the right set of circumstances I'll change it. The
right set of circumstances would be an overwhelming number of people
suggesting the same alternate value.

As I recall the discussion, there were several different views as to where the
value in the key selector might come from, including, at least:
- public key or part of public key;
- hash of the public key;
- a local database index;
- an X.509 v3 key identifier.
I believe all of these are equally acceptable, and useful under some
circumstances.
As a compromise, I suggest an editorial change from "A suggested value is..."
to "An example would be...". If there is no support for this change, I
withdraw my objection and accept that the RFC will contain a suggestion
which 90% of implementors will probably ignore.
Warwick