I think we need to change the usage of ;binary with respect to Certificate, Certificate List and Certificate Pair.
I realize there is talk of moving the definition of these syntaxes out of the syntax ID and into a PKIX ID - I think these changes should be reflected in the syntax ID until that move is performed.
Basically, I'd like to make use of ";binary" within the attribute description optional for these syntaxes. The ID should state that these values are transferred as binary encode BER values by default and therefore the ";binary" option is not necessary in protocol client and server messages. However, the ";binary" option can be included in attribute descriptions within the protocol - a server and client MUST treat an attribute description with and without ";binary" as identical for these syntaxes. For example, "userCertificate" and "userCertificate;binary" would refer to the exact same set of values that would be encoded the same for protocol transfer.
Chris.