Re: [Anima] [lamps] on certification authorities.

Carsten Bormann <cabo@tzi.org> Sat, 27 June 2020 20:03 UTC

Return-Path: <cabo@tzi.org>
X-Original-To: anima@ietfa.amsl.com
Delivered-To: anima@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B5033A00AD for <anima@ietfa.amsl.com>; Sat, 27 Jun 2020 13:03:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id YPtnHbtAgZgI for <anima@ietfa.amsl.com>; Sat, 27 Jun 2020 13:03:50 -0700 (PDT)
Received: from gabriel-vm-2.zfn.uni-bremen.de (gabriel-vm-2.zfn.uni-bremen.de [134.102.50.17]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id D04F73A0062 for <anima@ietf.org>; Sat, 27 Jun 2020 13:03:49 -0700 (PDT)
Received: from [192.168.217.116] (p5089ae91.dip0.t-ipconnect.de [80.137.174.145]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by gabriel-vm-2.zfn.uni-bremen.de (Postfix) with ESMTPSA id 49vPpC0GDhzyZD; Sat, 27 Jun 2020 22:03:46 +0200 (CEST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 13.4 \(3608.80.23.2.2\))
From: Carsten Bormann <cabo@tzi.org>
In-Reply-To: <001001d64c58$98890d40$c99b27c0$@x500.eu>
Date: Sat, 27 Jun 2020 22:03:46 +0200
Cc: anima@ietf.org
X-Mao-Original-Outgoing-Id: 614981026.328643-24cdf8bb248348331fa667ec76c53425
Content-Transfer-Encoding: quoted-printable
Message-Id: <C59648FB-DA94-4797-96C5-8CC68F25C0DA@tzi.org>
References: <20200624023407.GA41244@faui48f.informatik.uni-erlangen.de> <C71BDB46-A15A-48EC-BC4D-68CA9A7C1DFB@vigilsec.com> <13005.1593208602@localhost> <001001d64c58$98890d40$c99b27c0$@x500.eu>
To: Erik Andersen <era@x500.eu>
X-Mailer: Apple Mail (2.3608.80.23.2.2)
Archived-At: <https://mailarchive.ietf.org/arch/msg/anima/bXJhGmQUaDJg-0To7BVHThzLVa8>
Subject: Re: [Anima] [lamps] on certification authorities.
X-BeenThere: anima@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Autonomic Networking Integrated Model and Approach <anima.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima>, <mailto:anima-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima/>
List-Post: <mailto:anima@ietf.org>
List-Help: <mailto:anima-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima>, <mailto:anima-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 27 Jun 2020 20:03:53 -0000

On 2020-06-27, at 09:57, Erik Andersen <era@x500.eu> wrote:
> 
> There certainly is a big difference between the term certification (an act)
> and the term certificate (a data value). Certification implies that the CA
> does some validation before issuing a certificate. 

Well, I maybe have a different perception because I’m German: the German word for the place that certifies that you are allowed to drive a car is “Führerscheinstelle” (*), “Driving License Office”.  Not “Driving Licensing Office”.  Because the result is what the customer cares about, not the process.

Then, of course, RFC 5280 gets to define the term for X.509v3, so “certification authority” it is.

(But, like with URIs and URLs, and TLS and SSL, and many other things, a different term is then used by the unwashed masses.  And, infuriatingly, by the people that cater to those masses instead of preferring the ground truth they know.)

Grüße, Carsten

(*) That office might be part of the Fahrerlaubnisbehörde, but I digress.  Same thing.