All,
This is just an email to defer the discussion of this issue to the next
meeting.
Also, add to the discussion the option to always require an issuer, that
is policies without issuers are not allowed at all in 3.0.
Regards,
Erik
Erik Rissanen wrote:
> All,
>
> I propose that we drop the explicit identifiers for the trusted issuer
> in the delegation draft. (Section 5.4 in the delegation profile
> working draft 17.)
>
> The reason for introducing the explicit trusted issuer was that
> someone in some discussion was concerned that it is easy to make a
> mistake by forgetting to include the issuer.
>
> But for reasons of backwards compatibility we want a policy without an
> issuer to be considered trusted anyway. With this, I don't see much
> point in having the explicit trusted issuer in there. It just makes
> things more complex. Both for the spec and for code which has to deal
> with more special cases.
>
> Regards,
> Erik
>