Skip to main content

Clearance Attribute and Authority Clearance Constraints Certificate Extension
draft-ietf-pkix-authorityclearanceconstraints-03

Yes

(Tim Polk)

No Objection

Lars Eggert
(Alexey Melnikov)
(Cullen Jennings)
(Dan Romascanu)
(Jari Arkko)
(Lisa Dusseault)
(Magnus Westerlund)
(Ralph Droms)
(Ron Bonica)
(Ross Callon)
(Russ Housley)

Note: This ballot was opened for revision 03 and is now closed.

Lars Eggert No Objection

(Tim Polk; former steering group member) Yes

Yes ()

                            

(Adrian Farrel; former steering group member) (was Discuss) No Objection

No Objection (2009-11-17)
Section 7 says:

   The algorithm described in here has the idempotency, associative, and 
   commutative properties, like the rest of the processing rules in this 
   document.      

I am not sure that all of the processing rules in the document are 
idempotent, associative, and commutative. Maybe best to drop the final
clause?

---

Appendix
I don't object, but...
   This appendix provides the normative ASN.1 definitions for 
   the structures described in this specification using ASN.1 as defined 
   in X.680. 
If the material is normative, perhaps it should be moved into the main
body of the document.

---

Appendix

   -- The following is a '02 version for clearance. 

Do we really need this in the RFC? I assume this is from the -02 
revision of the I-D.

---

Nit

Section 1
Since [RFC3281bis] does not permit chain of ACs,
s/chain/ chain/

(Alexey Melnikov; former steering group member) No Objection

No Objection ()

                            

(Cullen Jennings; former steering group member) No Objection

No Objection ()

                            

(Dan Romascanu; former steering group member) (was Discuss) No Objection

No Objection ()

                            

(Jari Arkko; former steering group member) No Objection

No Objection ()

                            

(Lisa Dusseault; former steering group member) No Objection

No Objection ()

                            

(Magnus Westerlund; former steering group member) No Objection

No Objection ()

                            

(Pasi Eronen; former steering group member) No Objection

No Objection (2009-11-17)
Section 5.1: there are potentially two certification paths of interest
when using ACs (one for the AA, another for the end-entity); it would
be helpful if the text said "certification path for the AA" whenever
it talks about paths here.

Section 9: "If there is no Clearance associated with a TA, it means
that the TA has not been assigned any clearance." Should this be
"..., it means the TA is not constrained"?

(Ralph Droms; former steering group member) No Objection

No Objection ()

                            

(Ron Bonica; former steering group member) No Objection

No Objection ()

                            

(Ross Callon; former steering group member) No Objection

No Objection ()

                            

(Russ Housley; former steering group member) No Objection

No Objection ()