Clearance Attribute and Authority Clearance Constraints Certificate Extension
draft-ietf-pkix-authorityclearanceconstraints-03
Yes
No Objection
Note: This ballot was opened for revision 03 and is now closed.
Lars Eggert No Objection
(Tim Polk; former steering group member) Yes
(Adrian Farrel; former steering group member) (was Discuss) No Objection
Section 7 says: The algorithm described in here has the idempotency, associative, and commutative properties, like the rest of the processing rules in this document. I am not sure that all of the processing rules in the document are idempotent, associative, and commutative. Maybe best to drop the final clause? --- Appendix I don't object, but... This appendix provides the normative ASN.1 definitions for the structures described in this specification using ASN.1 as defined in X.680. If the material is normative, perhaps it should be moved into the main body of the document. --- Appendix -- The following is a '02 version for clearance. Do we really need this in the RFC? I assume this is from the -02 revision of the I-D. --- Nit Section 1 Since [RFC3281bis] does not permit chain of ACs, s/chain/ chain/
(Alexey Melnikov; former steering group member) No Objection
(Cullen Jennings; former steering group member) No Objection
(Dan Romascanu; former steering group member) (was Discuss) No Objection
(Jari Arkko; former steering group member) No Objection
(Lisa Dusseault; former steering group member) No Objection
(Magnus Westerlund; former steering group member) No Objection
(Pasi Eronen; former steering group member) No Objection
Section 5.1: there are potentially two certification paths of interest when using ACs (one for the AA, another for the end-entity); it would be helpful if the text said "certification path for the AA" whenever it talks about paths here. Section 9: "If there is no Clearance associated with a TA, it means that the TA has not been assigned any clearance." Should this be "..., it means the TA is not constrained"?
(Ralph Droms; former steering group member) No Objection
(Ron Bonica; former steering group member) No Objection
(Ross Callon; former steering group member) No Objection
(Russ Housley; former steering group member) No Objection