- From: Thomas Roessler <tlr@w3.org>
- Date: Sat, 28 Jul 2007 15:20:18 -0400
- To: pbaker@verisign.com
- Cc: public-wsc-wg@w3.org
Phill, I see that your current conformance language for EV certs includes the following phrase: A certificate issuer distinguishes a certificate authenticated according to EV criteria by means of an issuer specific extension OID. -- http://www.w3.org/2006/WSC/wiki/RecommendationDisplayProposals/EVCerts I'm not sure if it's just me, but I'd like to see a specific OID with a normative reference to an open standard in that place. The current language is effectively a hook for all kinds of proprietary material, and indeed not enough to usefully assess any kind of interoperability or compliance. Maybe the definition of that OID is worth a two-page RFC, to be done in PKIX reasonably quickly? (Despite having sat in the meeting last week, I'll admit ignorance as to the politics of PKIX and the group's ability to do things like that quickly.) Cheers, -- Thomas Roessler, W3C <tlr@w3.org>
Received on Saturday, 28 July 2007 19:20:34 UTC