Certificate Management over CMS (CMC) Updates

Note: This ballot was opened for revision 05 and is now closed.

(spt) Yes

Jari Arkko No Objection

(Ron Bonica) No Objection

(Stewart Bryant) No Objection

(Gonzalo Camarillo) No Objection

(Ralph Droms) No Objection

(Wesley Eddy) No Objection

Comment (2011-09-01 for -)
I don't have any problem with this if the WG and people implementing from it are happy with it, but it does seem that the format as just a collection of the changes rather than a stand-alone document to be possibly confusing and error-prone to work from.  However, if the real stakeholders are happy with it, then that's all that matters, I guess.

(Adrian Farrel) No Objection

Comment (2011-09-05 for -)
I have not done a detailed review of this document and will trust that the Security ADs have done.

I am somewhat puzzled by...
   This document contains a new IANA considerations section to be added
   to [RFC5273] as part of this update.

Section 3.2 says...
   Reference: [ RFC-to-be ]
...and I assume that means *this* document.

So the new IANA section is as a result of 5273, but not part of it.

Stephen Farrell No Objection

Comment (2011-09-06 for -)
Doesn't the new change subject name thing require a new security
consideration? E.g. if an RA says it'd like a new cert renaming
stephen.farrell to *.google.com?  I think just a sentence saying
that the RA and CA need to ensure that both the new and old names
adhere to any relevant policies/practices would do fine.

There may be a case for also making the general point as well
that CAs MUST check names are according to policy/practice
as well, but even if so, the new name change thing should
also get a mention I reckon.

But that can all be done in one sentence so it should be easy.

(Russ Housley) (was Discuss) No Objection

Comment (2011-09-06)
Please consider the editorial comments from the Gen-ART Review by
  Elwyn Davies on 5 September 2011.

(Pete Resnick) No Objection

(Dan Romascanu) (was Discuss) No Objection

Comment (2011-09-08)
1. I believe that this format of defining in one RFC updates for other 3 RFCs is quite difficult to read and follow. 

2. - In section 2.5. New Section 6.20 RA Identity Proof Witness control:

"Identity Proof Version 2" should be "Identity Proof Version 2 control" if I'm correct.

(Peter Saint-Andre) No Objection

Comment (2011-09-06 for -)
I concur with Wesley Eddy's comment, especially given the scope of changes to RFC 5272.

(Robert Sparks) No Objection