IETF Logo Mail Archive

[Gen-art] Re: Gen-ART review of draft-ietf-ltans-ers-13.txt

Brian E Carpenter <brian.e.carpenter@gmail.com> Fri, 01 June 2007 14:03 UTC

Return-path: <gen-art-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu7io-0002ln-5b; Fri, 01 Jun 2007 10:03:18 -0400
Received: from gen-art by megatron.ietf.org with local (Exim 4.43) id 1Hu7in-0002lh-AJ for gen-art-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 10:03:17 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu7in-0002lZ-0X for gen-art@ietf.org; Fri, 01 Jun 2007 10:03:17 -0400
Received: from wr-out-0506.google.com ([64.233.184.229]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hu7im-0006il-IZ for gen-art@ietf.org; Fri, 01 Jun 2007 10:03:16 -0400
Received: by wr-out-0506.google.com with SMTP id m59so550768wrm for <gen-art@ietf.org>; Fri, 01 Jun 2007 07:03:15 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=cWyYspZj4tHebcSNYChEAINS+VpbcyJNuydAh7p5LB5sxh9xtEZnghtu9uVnsAJ6AT5shuS8h8aQsXj+BiMztOP5byAd3AyEuqsk0MSurWtcOQcBUp6zQ5hhHeqSmez1f7myvNClweIkDsYQBSoVc24MP6vVkmHXhc5VwCym6g8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:user-agent:mime-version:to:cc:subject:references:in-reply-to:content-type:content-transfer-encoding; b=uP4cVACdEINBtnX1UuViZatvvmuVeAlM1Eo73DBvt7x343h01CzEgJvu9FbLb8JHiQnm7mOLRWGwcRj2g03ojXPujRArD+CS8FCFTZOJU+e0PI1at3t5M3ERGMcP3p4hZExC90sRg7H94GJutTGfNuEF4gHuniufz3u+eLgbkvI=
Received: by 10.78.140.17 with SMTP id n17mr1247648hud.1180706594640; Fri, 01 Jun 2007 07:03:14 -0700 (PDT)
Received: from ?10.10.50.1? ( [213.3.13.1]) by mx.google.com with ESMTP id w5sm37943mue.2007.06.01.07.03.07; Fri, 01 Jun 2007 07:03:10 -0700 (PDT)
Message-ID: <4660271C.2050300@gmail.com>
Date: Fri, 01 Jun 2007 16:03:08 +0200
From: Brian E Carpenter <brian.e.carpenter@gmail.com>
User-Agent: Thunderbird 1.5.0.10 (Windows/20070221)
MIME-Version: 1.0
To: Tobias Gondrom <tgondrom@opentext.com>
References: <2666EB2A846BAC4BB2D7F593301A7868010A9FAF@MUCXGC2.opentext.net>
In-Reply-To: <2666EB2A846BAC4BB2D7F593301A7868010A9FAF@MUCXGC2.opentext.net>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Spam-Score: 0.0 (/)
X-Scan-Signature: ee80a2074afbfe28d15369f4e74e579d
Cc: ralf.brandner@intercomponentware.com, General Area Review Team <gen-art@ietf.org>, Tim Polk <wpolk@nist.gov>, ulrich.pordesch@zv.fraunhofer.de, Carl Wallace <CWallace@cygnacom.com>
Subject: [Gen-art] Re: Gen-ART review of draft-ietf-ltans-ers-13.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org

Thanks. I believe there is an issue of clarity here,
but as always, please take guidance from the document
shepherd.

     Brian


On 2007-06-01 15:20, Tobias Gondrom wrote:
> Hello Brian,
> 
> Concerning the sentence in section 4.2:
> I do not see a big difference between your proposal:
> "The data (e.g. certificates, CRLs or OCSP-Responses) needed to verify
> the timestamp MUST be preserved, and SHOULD be stored in the timestamp
> itself unless this causes unnecessary duplication."
> 
> And the existing text:
> "The data (e.g. certificates, CRLs or OCSP-Responses) needed to verify
> the timestamp SHOULD be stored in the timestamp itself or MUST be
> preserved otherwise."
> 
> Although I do not see the need to change it, I can see no damage either.
> 
> So, if this re-wording solves your comment, we can make the change. 
> 
> Ok?
> 
> Tobias
> 
> 
> 
>> -----Original Message-----
>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
>> Sent: Friday, June 01, 2007 1:16 PM
>> To: Tobias Gondrom
>> Cc: Carl Wallace; General Area Review Team;
>> ralf.brandner@intercomponentware.com;
> ulrich.pordesch@zv.fraunhofer.de;
>> Tim Polk
>> Subject: Re: Gen-ART review of draft-ietf-ltans-ers-13.txt
>>
>> On 2007-06-01 12:11, Tobias Gondrom wrote:
>>> Hello Brian,
>>> Answer/Comments inline.
>>> Tobias
>>>
>>> Ps.: I hope you do not feel your comment got ignored, cause that has
>>> never been my intention. (I just thought my explanation was
> satisfying,
>>> as you indicated in your email May-22 and closed the item
> accordingly.)
>> No problem at all - I just thought about it some more. We Gen-ART
>> reviewers
>> have a habit of looking at SHOULD and SHOULD NOT quite closely,
> because
>> we know that they can cause indecision among implementers. For
> example,
>> you could say something like this:
>>
>> The data (e.g. certificates, CRLs or OCSP-Responses) needed to verify
>> the timestamp MUST be preserved, and SHOULD be stored in the timestamp
>> itself unless this causes unnecessary duplication.
>>
>> It's up to you, I am not insisting on a change.
>>
>>      Brian
>>
>>
>>
>>>
>>>> -----Original Message-----
>>>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com]
>>>> Sent: Friday, June 01, 2007 11:28 AM
>>>> To: Carl Wallace
>>>> Cc: Tobias Gondrom; General Area Review Team;
>>>> ralf.brandner@intercomponentware.com;
>>> ulrich.pordesch@zv.fraunhofer.de;
>>>> Tim Polk
>>>> Subject: Re: Gen-ART review of draft-ietf-ltans-ers-13.txt
>>>>
>>>> Triggered by seeing -14 come out:
>>>>
>>>> On 2007-05-21 20:44, Carl Wallace wrote:
>>>>>>> 1. At the end of section 4.2:
>>>>>>>
>>>>>>>  The data (e.g. certificates, CRLs or OCSP-Responses)
>>>>>> needed to verify
>>>>>>> the timestamp SHOULD be stored in the timestamp itself or MUST
> be
>>>>>>> preserved otherwise.
>>>>>>>
>>>>>>> I find this insufficiently clear. When would it be
>>>>>> acceptable not to
>>>>>>> store these data in the timestamp, and if not done so, how
>>>>>> would the
>>>>>>> retriever know where to look?
>>>>>> [tg]: There are three main reasons why we did intentionally
>>>>>> write this up in this level of detail:
>>>>>> At first, most of the verification of a RFC3161-timestamp has
>>>>>> been documented very well in the timestamp and CMS
>>>>>> specifications. Second, ERS is open for other timestamps as
>>>>>> well (e.g. ISO-18014-x) and they may (and do) require other
>>>>>> verification data than RFC3161, plus these other formats may
>>>>>> not be able to store all the necessary information for
>>>>>> verification inside their data structures.
>>>>>> And third, as some of the verification data may be dependent
>>>>>> on the use case and country where it is verified, the WG
>>>>>> works on the I-D
>>>>>> http://www.ietf.org/internet-drafts/draft-ietf-ltans-validate-
>>>>>> 01.txt to describe the verification and the required data in
>>>>>> more detail.
>>>>> In addition to the above, the "SHOULD be stored in the timestamp"
>>>>> recommendation is present in the spec because this is the easiest
>>>> option.
>>>>> If the timestamp contains all of the verification data, then there
>>> is
>>>> less
>>>>> work for the verifier to perform.  However, this also freezes the
>>>>> verification context (if this is the only means of preserving
>>>> verification
>>>>> data).  There is a companion specification that defines how to use
>>> SCVP
>>>> and
>>>>> ERS to preserve certificates and CRLs independent of a data item
>>> that is
>>>>> archived.  This has a few benefits, including decreasing the
> storage
>>>> burden
>>>>> on the archive and avoiding freezing the validation context.
>>>>>
>>>> I'm still a little unhappy about the SHOULD. How does an
> implementor
>>> know
>>>> that it's OK to ignore the SHOULD? If the data is not stored in the
>>>> timestamp,
>>>> shouldn't you say that a pointer to the data MUST be stored in the
>>>> timestamp?
>>> No, this would not be good. For verification data, we have today
> what
>>> you might call like "implicit pointers" in the timestamp, i.e. the
>>> timestamp authority source name etc. gives you the information from
>>> where to receive the additional verification data like its
> certificate
>>> and CRL/OCSP.
>>> So with the timestamp this is already implicitly known and it would
> be a
>>> bad idea to force another explicit pointer to the structure.
>>>
>>>
>>> (additional personal note: in general a verification procedure of
> the
>>> timestamp must also include this data (certificate and (CRL OR
> OCSP).
>>> This can be done by retrieving the information from an online source
>>> (defined by the TSA name and address) or from the data structures of
> the
>>> timestamp or another source (e.g. a file store at the verification
>>> entity).
>>> For infinite times it is obvious that the online source will no
> longer
>>> be available. But many use cases require a long (but not infinite)
>>> storage time where renewal is absolutely necessary, but where the
>>> business scenario guarantees that the verification data will be
>>> available for the whole time. (e.g. some TSA guarantee (including a
>>> government continuation guarantee) that the service will be
> available
>>> online for a specified time, e.g. 30 years, even if the TSA closes
>>> down.)
>>> This again leads to the term SHOULD but not MUST.)
>>>
>>>
> 


_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email