On Thu 2019-01-10 12:56:27 +0000, Salz, Rich wrote:
> [ dkg wrote: ]
>> What it introduces is the tight coupling of two previously-distinct
>> actions for the relying party:
>
> I don't see it that way. Nobody is forcing relying parties to couple
> things.
Earlier in the thread, Russ wrote:
> If both checks succeed, then the potential Root CA certificate is
> added to the trust anchor store and the current Root CA certificate is
> removed.
Maybe this isn't *forcing* (in the sense that none of our RFCs can force
anyone to do anything), but it indicates that relying parties that
follow this specification will tightly couple these two actions, with
potentially bad consequences.
--dkg
Attachment:
signature.asc
Description: PGP signature
