Re: comments on <draft-ietf-spki-cert-theory-02.txt>

[Mark Wahl <M.Wahl@INNOSOFT.COM>]

> In light of the work on security re authentication, access controls and
> TLS and SASL, etc I thought I would comment on this doc on this list -
> as it could affect the work - Badly

Alan, 

In the IETF each working group establishes a mailing list for the discussion
of the specifications being developed in that working group.  For LDAPEXT 
it is the list ietf-ldapext@netscape.com.  For the SPKI working group it is 
the list spki@c2.net.  Information on subscribing to the SPKI mailing list
can be found at their charter page,

http://www.ietf.org/html.charters/spki-charter.html

I would suggest that it might be better for these comments to be sent to the
authors of the document or to a mailing list associated with the SPKI working 
group, since probably few of the SPKI participants are reading the LDAPEXT 
mailing list, and vice versa few of the LDAPEXT readers are working on
SPKI.

Also you will find that there are two working groups in the security area
who have been chartered to develop specifications relating to the public key
infrastructure.  PKIX's charter is focused on developing solutions based 
around X.509v3 certificates.  SPKI's charter does not specify X.509, and 
therefore proposals in that working group have been developed with different
goals, requirements and approaches than those which began with X.500.

Mark Wahl, Directory Product Architect
Innosoft International Inc.