Closed mglt closed 3 years ago
ShuaiZhao
commented
3 years ago @mglt Either I will leave this to Bob or see the following proposed Text:
DRIP certificate has a different context compared with security certificates and Public Key Infrastructure used in X.509.
mglt
commented
3 years ago This works for me.
cardsw
commented
3 years ago I would be happy to drop the X.509 history lesson. ;-) We just need to define what we mean in DRIP by "claim", "assertion", "attestation" and "certificate", clarify that our DRIP compact certs are not X.509, but admit that we will need in some cases to establish verifiable strong bindings between our compact certs and corresponding X.509 certs. I believe that is also addressed in another Github issue.
ShuaiZhao
commented
3 years ago in -14, I implemented as following:
` This section introduces the terms "Claims", "Assertions", "Attestations", and "Certificates" as used in DRIP. DRIP certificate has a different context compared with security certificates and Public Key Infrastructure used in X.509.
Editor-note 5: To be confirmed
` I will leave it open for Bob to review.
mglt
commented
3 years ago sounds good to me.
ShuaiZhao
commented
3 years ago confirmed by Bob. Closed now
3.3. Claims, Assertions, Attestations, and Certificates
""" This is due to the term "certificate" having significant technological and legal baggage associated with it, specifically around X.509 certificates. These types of certificates and Public Key Infrastructure invoke more legal and public policy considerations than probably any other electronic communication sector. It emerged as a governmental platform for trusted identity management and was pursued in intergovernmental bodies with links into treaty instruments.
"""
In my opinion the text quoted does not help the architecture description. I would rather add some text specifying that Certificates does not especially X509 certificates.