[x500standard] Re: Defect on definition of trust anchor, etc.

  • From: Sharon Boeyen <sharon.boeyen@xxxxxxxxxxx>
  • To: "'x500standard@xxxxxxxxxxxxx'" <x500standard@xxxxxxxxxxxxx>
  • Date: Thu, 24 Sep 2009 16:28:10 -0400

I agree with Dave Kemp

-----Original Message-----
From: x500standard-bounce@xxxxxxxxxxxxx 
[mailto:x500standard-bounce@xxxxxxxxxxxxx] On Behalf Of Kemp, David P.
Sent: Thursday, September 24, 2009 4:22 PM
To: x500standard@xxxxxxxxxxxxx
Subject: [x500standard] Re: Defect on definition of trust anchor, etc.

Hi David,

Given that both the current X.509 and the TA Management Requirements I-D define 
Trust Anchor to be data, and that if asked to give an example of a Trust Anchor 
most people would answer "a self-signed certificate", the burden of proof for 
invalidating that definition is pretty high.  The DR process will determine 
whether others believe that the current definition is broken.  Proposing a new 
term to refer to the trusted organization would be much less disruptive and 
more likely to succeed.

Regards,
Dave


-----Original Message-----
From: x500standard-bounce@xxxxxxxxxxxxx
[mailto:x500standard-bounce@xxxxxxxxxxxxx] On Behalf Of David Chadwick
Sent: Thursday, September 24, 2009 2:11 PM
To: x500standard@xxxxxxxxxxxxx
Subject: [x500standard] Re: Defect on definition of trust anchor, etc.

Hi David

Kemp, David P. wrote:
> I absolutely agree at the conceptual level.  But as with OIDs, once
one
> has been assigned, its definition should not be changed.  I believe
> Trust Anchor has a preponderance of evidence (after filtering out the
> noise) in favor of the data definition.

I cant comment on this. Others with more experience will need to.



-----
www.x500standard.com: The central source for information on the X.500 Directory 
Standard.

-----
www.x500standard.com: The central source for information on the X.500 Directory 
Standard.

Other related posts:

  1. Home
  2. x500standard
  3. Archive
  4. 09-2009