Sounds good to me, thanks! On Fri, May 27, 2022 at 9:22 AM Sean Turner <s...@sn3rd.com> wrote:
> > > > On May 23, 2022, at 12:33, Martin Duke via Datatracker <nore...@ietf.org> > wrote: > > > > Martin Duke has entered the following ballot position for > > draft-ietf-tls-subcerts-14: No Objection > > > > When responding, please keep the subject line intact and reply to all > > email addresses included in the To and CC lines. (Feel free to cut this > > introductory paragraph, however.) > > > > > > Please refer to > https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ > > for more information about how to handle DISCUSS and COMMENT positions. > > > > > > The document, along with other ballot positions, can be found here: > > https://datatracker.ietf.org/doc/draft-ietf-tls-subcerts/ > > > > > > > > ---------------------------------------------------------------------- > > COMMENT: > > ---------------------------------------------------------------------- > > > > A question to remedy by ignorance of ASN.1: > > > > How customary is it for the final standard to use an ASN.1 codepoint from > > Cloudflare's private namespace? In other contexts I would expect change > control > > to lie with a more public institution. > > > > Put another way, what would happen if Cloudflare were purchased by > EvilCorp one > > day? > > I believe the WG did discuss switching the OID to the PKIX arc, but an OID > is like you age - it’s just a number. Once assigned, nobody can really take > it back. As far as common, it happens - I am hesitant to say all the time, > but it is not uncommon. There are OIDs for modules, extensions, and > algorithms out of company arcs and gov’t arcs. E.g., > > Digest algorithms: SHA*-> Gov’t > x25519, x448, Ed25519, Ed448 (RFC 8410) -> Thwate arc. > TAMP (RFC 5934) -> Gov’t Arc. > > I am sure there are more. > > spt > > > > >
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
