Re: Certificate status checks vs validity period; self-signed certs(Re: Current state of editor's draft / IdentitySignal)

> The idea in our draft is to say that user agents should do either of
> the following two things:
> 
> - Follow Basic Path Validation *and* take certificate validity
>   checks seriously, i.e., check against a CRL. If that is the case,
>   then a certificate that's outside its validity period is a really
>   bad thing, and must be treated accordingly.
> 
> - Follow the relaxed version defined in section 4.2, and don't
>   bother users with validity period errors, since you don't care
>   about revocation and validity issues anyway.

This is one of those places where a bit of explanatory text would go a 
long way. Could you craft a sentence or two?

> > It's getting harder and harder for me to hold on to why this is
> > supposed to be helpful with trust decisions. It seems a gap in
> > the standard of standards writing that there's not an easy way to
> > provide annotations or references to back up statements like
> > this. It would certainly cut down on the overhead of dealing with
> > comments (where you can provide references to examples or group
> > decision making inline, and track them as the draft goes along). 
> 
> I'm not quite sure I understand what you're getting at.

I'm getting at something, perhaps like Annotea, where there can be an 
overlay with any number of explanations, pointers to issues, etc. without 
the "danger" of making the actual spec longer. The two goals (easy to get 
to background on everything and a concise and condensed spec) don't seem 
inherently irreconcilable. And that lc-tracker overlay shows how important 
they are. But it would be optimal if we could put out for review something 
that included background and explanations in some separate experience to 
make it easy for reviewers to come up to speed on each of the sections in 
context.