[apps-discuss] PKIX text encodings

Simon Josefsson <simon@josefsson.org> Fri, 27 January 2012 13:45 UTC

From: Simon Josefsson <simon@josefsson.org>
To: apps-discuss@ietf.org, pkix@ietf.org
Mail-Followup-To: apps-discuss@ietf.org
Date: Fri, 27 Jan 2012 14:45:06 +0100


See announcement below for a document that attempts to describe the
de-facto deployed usage of so-called "PEM encoding" of X.509 related
data blobs, including the '-----BEGIN CERTIFICATE-----' format.  Many
applications and security libraries rely on these formats, but to my
knowledge they have never been standardized and there is unfortunately
some confusion and ambiguity as a result.


As usual, comments and suggestions are appreciated.  I'm not certain
what forum is best for discussing the document, but I suspect the apps
area group may be an appropriate venue, thus I'm adding an appropriate
Mail-Followup-To header.  If anyone believes discussion is inappropriate
there, I'm happy to move the discussion elsewhere.

If someone remembers the history around how the format was created,
anecdotal or otherwise, that would also be helpful.


internet-drafts@ietf.org writes:

> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> 	Title           : Text Encodings of Some Security Related Structures
> 	Author(s)       : Simon Josefsson
> 	Filename        : draft-josefsson-pkix-textual-00.txt
> 	Pages           : 10
> 	Date            : 2012-01-27
>    This document describes and discusses the text encodings of Public-Key
>    Infrastructure using X.509 (PKIX) Certificates, PKIX Certificate
>    Revocation Lists (CRLs), PKCS #10 Certificate Request Syntax, PKCS #7
>    structures, and Attribute Certificates.  The text encodings are
>    well-known, implemented by several applications and libraries, and are
>    widely deployed.  This document is intended to articulate the de-
>    facto rules that existing implementations operate by, and to give
>    recommendations that will promote interoperability going forward.
> A URL for this Internet-Draft is:
> http://www.ietf.org/internet-drafts/draft-josefsson-pkix-textual-00.txt
> Internet-Drafts are also available by anonymous FTP at:
> ftp://ftp.ietf.org/internet-drafts/
> This Internet-Draft can be retrieved at:
> ftp://ftp.ietf.org/internet-drafts/draft-josefsson-pkix-textual-00.txt