Name Constraints, was Re: [caops-wg] Re: ca signing policy file
Tony J. Genovese
tony at es.net
Tue Oct 11 18:00:14 CDT 2005
> My take is also that it wouldn't be prudent, even with these
> advances in NameConstraints adoption, to assume they remove
> the need for RP- specified policies such as this document
> describes. That would require adoption by CAs in general.
The RP specific policies sound like a reasonable feature. I am not clear on
the statement about adoption by CAs in General... All the CAs working on
Grids are organized and have to modify and change policies over time, so
what new policy needs to be defined? The reason to present the paper here is
that you want us to change, so are you saying some changes are easier for us
or that we will not make the NameConstraint change? Though support for it
does not seem to answer all your issues.
More information about the caops-wg
mailing list