[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sip] Question about refernce in draft-ietf-sip-domain-certs-00

On Mar 20, 2008, at 1:52 AM, Dean Willis wrote:

>
> On Mar 19, 2008, at 6:56 PM, Cullen Jennings wrote:
>>
>> And certs has the text
>>
>>   I-D.sip-eku [9] describes the method to validate any Extended Key
>>   Usage values found in the certificate for a SIP domain.
>>   Implementations MUST perform the checks prescribed by that
>>   specification.
>>
>> which seems to me like it could be changed to
>>
>>   I-D.sip-eku [9] describes the method to validate any Extended Key
>>   Usage values found in the certificate for a SIP domain.
>>
>
>
> So the above text means to me "If you receive a certificate for a  
> SIP domain that contains any Extended Key Usage values, you MUST  
> validate them according to the procedures of I-D-sip-eku [9]."

I'm assuming that be above text you mean my proposed change, not the  
the current text in the draft. I would have interpreted my proposed  
change to mean something closer to  "As a FYI to the reader,  there is  
another specification you might be interested in. If you want to do  
Extended Key Usages there is this other specification, sip-eku, that  
can be implement but implementation of the domain-certs specification  
does not require you to implement sip-eku". If you and I are reading  
this differently ways perhaps you could propose some  text for this   
sentence so that there is no chance of ambiguity.




_______________________________________________
Sip mailing list  https://www.ietf.org/mailman/listinfo/sip
This list is for NEW development of the core SIP Protocol
Use sip-implementors at cs.columbia.edu for questions on current sip
Use sipping at ietf.org for new developments on the application of sip