pki4ipse-3----Page:5
1 2 3 4 5 6 7 8 9 10
|
“Big” Issues Strategic Question: Do we need to pin everything down concretely in the requirements document, or do we note a requirement to “choose one MUST option” and lay out the pros and cons of the options. Example is cert path validation checking. It isn’t clear that any particular option is necessary to meet our charter objectives, but it is clear that a single choice of MUST happen. The cert management profile has to establish a MUST requirement for revocation/validation approach for the sake of interoperability. Do we care about distributed validation? Options are CRLs, OCSP or SCVP |