Since according to the PKCS introduction RSA has taken it upon >themselves to
be the sole arbitrar of these standards, may I ask
what you intend to do about updating the PKCS standards to
conform with the revised X.509?
I, individually, do not believe that RSA has "taken it upon
themselves", but have been 'carefully' following standards.
If you believe that RSA is being cautious in modifying, or
expanding, the PKCS scope I would have to agree with that
perception (sp?).
I hope to see v3 support to be coming out in (formal) PKCS
specifications, but I do not believe that 'RSA' is solely
involved in this decision.
I was quoting, or at least paraphrasing, a comment in the Introduction to the
PKCS standards which explicitly states that RSA is the sole arbitrar of these
standards, and that they are not the product of the more normal committee
approach. That said, I did not mean to suggest that they did not take into
account the recommendations of others, including other standards. They are in
business, after all, and have to be responsive to their customers.
There is a lot of good stuff in the PKCS standards, and I would welcome a move
to adopt a lot of it as an RFC. But some changes seem to be needed, and there
doesn't seem to be any way for the more general technical community to comment
on such issues, which is somewhat frustrating. What I was asking for was a
statement of direction, so that I will know which way to jump on such issues.
BTW, I erroneously spelled Burt Kalisky's name in my original message. I
appologize to him, and to anyone who copied "Bert" in their response to my
message.
Bob