Internet X.509 Public Key Infrastructure: Certification Path Building
RFC 4158

Note: This ballot was opened for revision 05 and is now closed.

(Russ Housley) (was Discuss, Yes) Yes

(Harald Alvestrand) No Objection

Comment (2004-11-17)
Reviewed by Brian Carpenter, Gen-ART

His review:

Probably no-objection, but I have a couple of queries and nits.

Disclaimer: 74 page draft on a topic where I am an anti-expert. YMMV.

>    This document was written to provide guidance and recommendations to 
>    developers building X.509 public-key certification paths within their 
>    applications. 

Q1: Was there a positive choice *not* to make this a BCP, and does
that choice imply any doubt about the recommendations?

Q2: I found no mention of the proxy certificate mechanism,
already implemented in grids, RFC 3820. Doesn't this affect the
way certification paths are built?

Nit 1: no IANA Considerations section

Nit 2: There's a reference to [RFC 2396], which is being updated. But
in any case, this reference is not cited in the text, so what is
it for? Same for [RFC 1738] - maybe all the informative references
should be checked.

(Ted Hardie) No Objection

(Sam Hartman) No Objection

(Scott Hollenbeck) No Objection

(David Kessens) No Objection

(Allison Mankin) No Objection

Comment (2004-11-18)
The main text sentence describing applicability is a bit understated, though the Abstract is clear enough.
I think too, that some apps developers will not find an exact enough match, though finding
useful information.  

Overall I think the level set is quite good, and well caveated.

(Bert Wijnen) No Objection

Comment (2004-11-17)
RFC-Editor gave me a tool with which they check references.
It found:

!! Missing Reference for citation: [PCA]
  P012 L028:    with one CA (known as a "principal" CA [PCA]) in each participating

!! Missing citation for Informative reference:
  P073 L007:       [MINHPKIS]  Hesse, P., Lemire, D., "Managing Interoperability

!! Missing citation for Informative reference:
  P073 L052:       [PKIXALGS]  Bassham, L., Polk, W. and R. Housley, "Algorithms and

!! Missing citation for Informative reference:
  P073 L044:       [X.501]     ITU-T Recommendation X.501: Information Technology -

(Alex Zinin) No Objection