Comments (23)
eGov CA is being deprecated - do not include
from fpki-guides.
To do:
- Looks like we go back and forth on "certificate authority" and "certification authority". Should we stick with "certification authority" and change everything to that?
- @lachellel did you mention it would be better to remove the "Intermediate Root CA" certificate from the graphics as that may be confusing? https://github.com/GSA/fpki-guides/blob/staging/pages/fpki_cas.md
- Plain language pass
from fpki-guides.
did you mention it would be better to remove the "Intermediate Root CA" certificate from the graphics as that may be confusing?
this one: chain
from fpki-guides.
It should always be Certification Authority.
from fpki-guides.
Intermediate Root CA is contradictory. Where did it come from? It is normally root CA, subordinate CA, intermediate CA, or issuing CA as used in RFC 5280.
from fpki-guides.
Intermediate Root CA is contradictory.
Yeah, that's why the image as-is is confusing.
The image is based on mapping from Common to subordinates, and all our lovely CAs with "Root" in the name (the history of where Common came from). It is confusing to the audience.
from fpki-guides.
@djpackham Do your comments from Sept. 28, 2016, above still need to be addressed? I didn't mark that in my notes from today. Thanks!
from fpki-guides.
@weirdscience we were planning on changing everything in fpki-guides to certificate authority as it seems both are acceptable (certification authority or certificate authority) and we leaned more towards certificate authority because we thought it would make more sense to those not familiar with the term. Any convincing reason to not use certificate authority?
from fpki-guides.
@clstmbrly, yes I think the overall comments from Sept. 28, 2016 are addressed and just need to address the other items discussed earlier.
from fpki-guides.
Thank you.
from fpki-guides.
@lachellel @djpackham In this section, we seem to be alternating between using the term, "Trust Stores" (which is also the Guide title here), and the term "Application Trust Stores." This is potentially confusing, as well as inconsistent. Would it be okay to use simply "Trust Stores" as the accepted term throughout?
from fpki-guides.
trust stores is fine.
if we need to change it later based on comments to change it - it's a grep or sed.
from fpki-guides.
Thanks! In the table of most common Trust Stores, the link for Adobe Approved Trust List says: ...apple.com/.. Looks like a mistake...?
from fpki-guides.
@lachellel @djpackham Re: my previous comment.
from fpki-guides.
The original post should be with #45
from fpki-guides.
Following segment is from fpki_cas.md file. Please confirm the link is correct one. The link is absolute github url, but outside of ficam perview.
{% include alert-info.html content="A new effort is underway to establish a Federal root and issuing certificate authorities dedicated to Public Trust TLS/SSL device certificates. Follow or contribute to the development of the new Federal certificate policy for this Public Trust effort: https://github.com/uspki/policies" %}
from fpki-guides.
@djpackham Certification Authority is proper term to use and used by industry and in standards to mean CA. Certificate Authority is not the correct term and may be a misuse similar to calling a CPS a Certificate Practice Statement.
from fpki-guides.
The same thing could be said for "cross certificate" -vs- "cross sign", and "certificate path" -vs- "certificate chain".
from fpki-guides.
@djpackham I believe that during recent discussions it was decided we would use "certificate authority" vs. "certification authority." Both seem widely used. "Certificate authority" is a more plain-language term.
from fpki-guides.
Plain language does not mean correct.
from fpki-guides.
I would highly recommend aligning terminology with RFC 5280 when possible:
https://datatracker.ietf.org/doc/rfc5280
It is a common standard that FPKI and CABForum claim to adhere to. This not mean that plain language can't be used to describe function and operation.
from fpki-guides.
I'll be honest - I don't have a strong opinion one way or the other. It's intended for program managers and engineers working in / with the agencies, so if the audience is okay with one or the other and we're not throwing gobbledygook at them...
Def'n of gobbledygook:
Another definition:
- noun: gobbledegook; noun: gobbledygook
- language that is meaningless or is made unintelligible by excessive use of abstruse technical terms; nonsense.
from fpki-guides.
closed with #101
updates to be certification authority
from fpki-guides.
Related Issues (20)
- System Notification for: Federal Bridge CA G4 (Intent to issue to Entrust Managed Services NFI Root CA) HOT 1
- System Notification for: WidePoint Federal Shared Service Provider (Intent to deploy a new CA) HOT 1
- System Notification for: Federal Bridge CA G4 (Intent to issue to SAFE) HOT 2
- System Notification for: Treasury (decommission US Treasury Public CA) HOT 3
- System Notification for: Federal Bridge CA G4 (Intent to issue to USPTO) HOT 2
- Editorial Updates from the FPKIMA HOT 2
- Federal Common CA playbook - one minor nit (FAQs) HOT 3
- Update: PIV CAs and Agencies (FTC) HOT 1
- System Notification for: Entrust SSP CA and Entrust NFI CA (issuing CAs) - URI change HOT 2
- System Notification for: Federal Bridge CA G4 (Intent to Revoke USPTO_INTR_CA1) HOT 1
- System Notification for: SAFE Identity Bridge CA HOT 1
- System Notification for: Federal Common Policy CA G2 (multiple certificates issued) HOT 1
- FBCA2016 P7C appears corrupted HOT 3
- System Notification for: TSCP SHA256 Bridge CA (intent to issue to Alexion Pharmaceuticals Issue 2 CA) HOT 1
- System Notification for: WidePoint Non-Federal Issuer (Intent to deploy a new CA) HOT 3
- macOS Outlook - (signing) certificate is not standards compliant HOT 5
- Agency Contribution to Federal Common Policy CA Migration Playbook (distributing root certificate on RHEL/CentOS/OEL)
- System Notification for: CertiPath Bridge (intent to issue) HOT 1
- System Notification for: DoD Root CA 3 (new certificate detected)
- System Notification for: Federal Common Policy CA (intent to revoke CA certificates) HOT 6
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from fpki-guides.