Re: [Hipsec] draft-ietf-hip-cert-02-pre00

[Miika Komu <miika.komu at hiit.fi>]

Samu Varjonen wrote:

Hi,

> Mattes, David kirjoitti:
> > Hi Samu,
> >
> > As some background, I am focused on using HIP operationally and 
> > therefore have a pragmatic point of view of the specifications.  Here 
> > are some in-line opinions for your questions below.
> >
> > Also, what is the purpose of requiring the HIT as part of the X.509 
> > information?  In practice (at least until HIP is a de-facto standard 
> > ;-), I think it will be quite difficult to convince Certificate 
> > issuers to include new or different information.  I think you should 
> > remove that recommendation from the draft.
>
> We do not want to enforce all certificates to have HITs encoded as 
> subjects and/or issuers. It is there if you need to encode HITs. I will 
> rephrase the text to clearly state this.

does the HIT have problems with the planned algo agility mechanism 
described in here:

http://www.ietf.org/mail-archive/web/hipsec/current/msg02661.html