Should we include in the list certificate-pki standard like X509 in the list?

[toscalix]

Rationale

This ticket is a consequence of the discussion developed on #36

Certificates are an interesting case for the Security Profile. The are not algorithms but they use them.

Request

• Do we include certificates on the List?
  • If yes, can we describe the basic arguments to do so?
  • If not, can we explain why?
• If we include them, how do we do so?
  • Do we create a specific category?
  • Do we create a supra structure or a different structure for these cases?

DoD

• Agreement on including or not the certificates or not on the list
  • If the agreement is to include them, example of how they would be included
  • If the agreement is to not include them, then link to the PR that removes X509 from the list.
    • PR merged