On 8/2/19 3:06 PM, Benjamin Kaduk via Datatracker wrote:
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
>
> Thank you for resolving my Discuss points!
>
> I do think the added text in Section 4.2.1 about DNS-ID/CN-ID should
> probably be clarified that it only applies to the RFC 6125 procedures and
> not the RFC 7672 ones.

Thanks for your review. Since RFC 7672 (section 1.1, definition of "Reference identifier") calls out the use of CN-ID if no DNS-ID (subjectAltName of type dNSName) is present, I don't really see a conflict between the wording in the draft and 7672. Or is the concern that we shouldn't be allowing the use of CN-ID if DNS-ID is present? I have always thought that the "alternative" nature of subjectAltName means that those names are allowed to be used in addition to commonName, but I guess that isn't really the way things work.

-Jim

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
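
The exchange above turns on which presented identifier a client checks. As an added example (not part of the original message or of the draft under review), the sketch below follows the RFC 6125 rule that CN-ID is a last resort, consulted only when the certificate carries no DNS-ID. It assumes a client that supports only DNS-ID, takes certificates in the dict shape returned by Python's ssl getpeercert(), and uses constructed function names and sample certificates.

```python
# Added example: choosing between DNS-ID and CN-ID when checking a server name.
# Assumption: the client supports DNS-ID only (no SRV-ID / URI-ID handling).

def presented_identifiers(cert):
    """Return (kind, names): DNS-IDs if any dNSName SAN exists, else CN-IDs."""
    dns_ids = [v for (t, v) in cert.get("subjectAltName", ()) if t == "DNS"]
    if dns_ids:
        # A DNS-ID is present, so commonName is not consulted at all.
        return "DNS-ID", dns_ids
    cns = [v for rdn in cert.get("subject", ()) for (k, v) in rdn
           if k == "commonName"]
    return "CN-ID", cns


def label_match(pattern, host):
    """Case-insensitive compare; '*' is honoured only as the whole left-most
    label and (a conservative choice made here) never directly under a TLD."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def verify(cert, reference):
    """Return (identifier kind that was checked, whether the reference matched)."""
    kind, names = presented_identifiers(cert)
    return kind, any(label_match(n, reference) for n in names)


# Constructed sample certificates (getpeercert()-style dicts).
SAN_AND_CN = {
    "subject": ((("commonName", "legacy.example.net"),),),
    "subjectAltName": (("DNS", "mx1.example.com"),
                       ("DNS", "*.mail.example.com")),
}
CN_ONLY = {
    "subject": ((("organizationName", "Example"),),
                (("commonName", "mx1.example.com"),)),
}

if __name__ == "__main__":
    for cert, ref in [(SAN_AND_CN, "mx1.example.com"),
                      (SAN_AND_CN, "legacy.example.net"),
                      (CN_ONLY, "mx1.example.com")]:
        print(ref, verify(cert, ref))
```

With SAN_AND_CN, the reference legacy.example.net fails even though it equals the commonName, because the DNS-IDs take precedence and the CN is never examined.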