Alternative Certificate Formats for the Public-Key Infrastructure Using X.509 (PKIX) Certificate Management Protocols
draft-adams-cmpaltcert-06
Yes
(Russ Housley)
No Objection
(Margaret Cullen)
(Ted Hardie)
No Record
Note: This ballot was opened for revision 06 and is now closed.
Russ Housley Former IESG member
Yes
Yes
()
Unknown
Margaret Cullen Former IESG member
No Objection
No Objection
()
Unknown
Scott Hollenbeck Former IESG member
No Objection
No Objection
(2004-03-17)
Unknown
I really think the Security Considerations section of this document could be better written to address the topics described in RFC 3552/BCP 72, even if only to say that there are no issues with authentication, authorization, privacy, etc.
Steven Bellovin Former IESG member
(was Discuss, No Objection)
No Objection
No Objection
(2004-04-02)
Unknown
The security considerations section is inadequate. The phrase "this entire memo is about security" should be banned... Does use of this format introduce any new risks? Quite possibly -- the situation seems analogous to downgrade attacks. Are there other risks?
Ted Hardie Former IESG member
No Objection
No Objection
()
Unknown
Bert Wijnen Former IESG member
No Record
No Record
(2004-04-02)
Unknown
Violates the use of fqdns
"Alice <alice@some.com>"
Should probably be alice@example.com ??
There are multiple of those