Update to DirectoryString Processing in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile
RFC 4630

Note: This ballot was opened for revision 03 and is now closed.

Lars Eggert No Objection

(Sam Hartman; former steering group member) (was Discuss, Yes) Yes

Yes ()
No email
send info

(Bill Fenner; former steering group member) No Objection

No Objection ()
No email
send info

(Brian Carpenter; former steering group member) No Objection

No Objection (2006-04-12)
No email
send info
(actually picked up by David Black's Gen-ART review of the previous draft)

This sentence in section 5 lacks a verb:

|  When the subjectAltName extension contains a DN in the directoryName,
|  the same encoding preference as in 4.1.2.4.

(Cullen Jennings; former steering group member) No Objection

No Objection (2006-04-13)
No email
send info
I am concerned about how the visual comparisons of names security problem will be solved. I would be supportive of text that pointed out the problem and did not try to provide a solution. I would change to a discuss if we put in text that required anyone to implement something that is a research problem.

(Dan Romascanu; former steering group member) No Objection

No Objection ()
No email
send info

(Jari Arkko; former steering group member) No Objection

No Objection ()
No email
send info

(Jon Peterson; former steering group member) No Objection

No Objection ()
No email
send info

(Lisa Dusseault; former steering group member) No Objection

No Objection ()
No email
send info

(Magnus Westerlund; former steering group member) No Objection

No Objection (2006-04-13)
No email
send info
The security consideration section seems very strange:

   The replacement text is much clearer.  The direction is much less
   prone to implementation error.  Also, the use of consistent encoding
   for name components will ensure that name constraints work as
   expected.

As a minimal it seems to be lacking a reference to the base line in RFC 3280 that it tries to change. But also the statement that this should be more secure is not really clear on what aspects and why.

I expect this to be fixed when taking care of the Discuss about the similar looking names.

(Mark Townsley; former steering group member) No Objection

No Objection ()
No email
send info

(Ross Callon; former steering group member) No Objection

No Objection ()
No email
send info

(Ted Hardie; former steering group member) No Objection

No Objection ()
No email
send info

(Russ Housley; former steering group member) Recuse

Recuse ()
No email
send info