Secure/Multipurpose Internet Mail Extensions (S/MIME) Version 3.1 Certificate Handling
RFC 3850
Yes
No Objection
Note: This ballot was opened for revision 07 and is now closed.
(Russ Housley; former steering group member) Yes
(Alex Zinin; former steering group member) No Objection
(Allison Mankin; former steering group member) No Objection
(Bert Wijnen; former steering group member) No Objection
No IPR section. I assume RFC-Editor will add it.
(Bill Fenner; former steering group member) No Objection
(David Kessens; former steering group member) No Objection
(Harald Alvestrand; former steering group member) No Objection
(Jon Peterson; former steering group member) No Objection
In Section 3 (2nd paragraph), I'm a little confused by the text that says receiving implementations MUST "recognize and accept" certificates that contain no email address. What asssurance are such certificates providing in the mail context? How are they processed? Given the importance placed on matching the subjectAltName with the From header field of an email in later paragraphs, I found the lack of procedures for this case a little odd.
(Margaret Cullen; former steering group member) No Objection
(Scott Hollenbeck; former steering group member) (was Discuss) No Objection
"BER" and "DER" are included in the list of definitions in section 1.1, but they're not used anywhere in the document that I could find. They should probably be removed.
(Steven Bellovin; former steering group member) No Objection
-
(Ted Hardie; former steering group member) No Objection
(Thomas Narten; former steering group member) No Objection