section 3.5: I wonder if additional references to RFC6125 and the
UTA-bis version of that might be more clear. I think that this
section is going to get beat on by security review. I also suggest
that rather than saying how it is to be matched, I suggest the section
be more prescriptive in how certificates are expected to be formed.
(I recognize that this text has not changed since 7170)
alandekok
commented
1 year ago
section 3.5: I wonder if additional references to RFC6125 and the UTA-bis version of that might be more clear. I think that this section is going to get beat on by security review. I also suggest that rather than saying how it is to be matched, I suggest the section be more prescriptive in how certificates are expected to be formed. (I recognize that this text has not changed since 7170)
@mcr