[Infrastructure] Questions from working through the BRs

Wed Apr 24 13:47:08 MST 2019

Forgot to raise these earlier, but I ran across some questions as I hacked my way through the BR content. I thought I’d raise them here to start, and then can raise() any that aren’t handled at this level to the SCWG for discussion.

In 1.6.1, under ‘Definitions’, we define ‘Effective Date’ as just ‘1 July 2012’. No context or anything else, just the date. Was that meant to be an example of an effective date, or the date the BRs became effective, or…?
The BRs seem to be now the exclusive ‘property’ of the SCWG, which then focuses them on TLS Client/Server certificates, with S/MIME and email certificates handed off to the nascent S/MIME WG. With that in mind, do we still need section 3.2.3 (“Authentication of Individual Identity”)?
Not quite a question, but I think we should either remove all of the “No stipulations” or add them in everywhere—it looks kind of weird to have them in some places and not in others.
Should we prune section 6.1.5 to remove all of the key sizes that are now no longer usable, like MD5 and RSA-1024?
Can we re-word the list in section 8.2 to make it more grammatically agreeable? :)
It looks like sections 3.2.2.5.5 to 7 could use some re-wording to make them full sentences and turn them into requirements (they read like descriptions). Would that be a ballot for those changes, or simply a proposed wording change on the SCWG?

Cheers,

Jos

-- 
Jos Purvis (jopurvis at cisco.com)
.:|:.:|:. cisco systems  | Cryptographic Services
PGP: 0xFD802FEE07D19105  | +1 919.991.9114 (desk)

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://cabforum.org/pipermail/infrastructure/attachments/20190424/09214c56/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 2095 bytes
Desc: not available
URL: <http://cabforum.org/pipermail/infrastructure/attachments/20190424/09214c56/attachment.p7s>