I agree with Dave Kemp -----Original Message----- From: x500standard-bounce@xxxxxxxxxxxxx [mailto:x500standard-bounce@xxxxxxxxxxxxx] On Behalf Of Kemp, David P. Sent: Thursday, September 24, 2009 4:22 PM To: x500standard@xxxxxxxxxxxxx Subject: [x500standard] Re: Defect on definition of trust anchor, etc. Hi David, Given that both the current X.509 and the TA Management Requirements I-D define Trust Anchor to be data, and that if asked to give an example of a Trust Anchor most people would answer "a self-signed certificate", the burden of proof for invalidating that definition is pretty high. The DR process will determine whether others believe that the current definition is broken. Proposing a new term to refer to the trusted organization would be much less disruptive and more likely to succeed. Regards, Dave -----Original Message----- From: x500standard-bounce@xxxxxxxxxxxxx [mailto:x500standard-bounce@xxxxxxxxxxxxx] On Behalf Of David Chadwick Sent: Thursday, September 24, 2009 2:11 PM To: x500standard@xxxxxxxxxxxxx Subject: [x500standard] Re: Defect on definition of trust anchor, etc. Hi David Kemp, David P. wrote: > I absolutely agree at the conceptual level. But as with OIDs, once one > has been assigned, its definition should not be changed. I believe > Trust Anchor has a preponderance of evidence (after filtering out the > noise) in favor of the data definition. I cant comment on this. Others with more experience will need to. ----- www.x500standard.com: The central source for information on the X.500 Directory Standard. ----- www.x500standard.com: The central source for information on the X.500 Directory Standard.