[Gen-art] applicability of draft-saintandre-tls-server-id-check (was: Gen-ART LC Review...)

=JeffH <Jeff.Hodges@KingsMountain.com> Wed, 08 December 2010 20:47 UTC

Message-ID: <4CFFEF35.3090200@KingsMountain.com>
Date: Wed, 08 Dec 2010 12:48:53 -0800
From: =JeffH <Jeff.Hodges@KingsMountain.com>
To: IETF cert-based identity <certid@ietf.org>, General Area Review Team <gen-art@ietf.org>, Peter Saint-Andre <stpeter@stpeter.im>, Ben Campbell <ben@nostrum.com>

 > In general, I think this document is describing the tools available to
 > protocol designers, not telling protocol designers which tools to use.

Well, the original intent of this spec was to (simply, heh) specify how to 
match one's reference ID to the presented ID (though we hadn't yet invented those 
terms) returned in the end-entity cert during the TLS handshake, so protocol 
designers/specifiers didn't have to re-invent it (and do so differently) for 
each spec going forward.

So I'd characterize it as listing (and defining the degrees of freedom of) the 
tools available (e.g. DNS-ID, SRV-ID, URI-ID, etc.), and then defining how to 
perform matching given the tool.

=JeffH
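As an added illustration of what the message above calls matching a reference identifier against the presented identifiers in an end-entity certificate, here is a small Python matcher. It is example code written for this page, not code from the draft, from its author, or from any TLS library. The three identifier types (DNS-ID, SRV-ID, URI-ID) are the ones the message names; the concrete matching constraints (wildcard only as the whole left-most label with at least two labels after it, no wildcard against an IDNA A-label, no wildcards at all for SRV-ID and URI-ID, identifier types never cross-matched), the `ReferenceId`/`PresentedId` names and the sample presented identifiers are this example's own assumptions and constructed data, not taken from the page.

```python
"""Added example: reference-identifier vs. presented-identifier matching.

Illustration code for this page, not the draft's text or any library's
implementation. The rules encoded here are this example's assumptions.
"""
from __future__ import annotations

import re
from dataclasses import dataclass
from typing import List

# A syntactically valid, already lower-cased DNS label (LDH rule).
LABEL_RE = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")

# scheme ':' ['//'] [userinfo '@'] host  -- enough for 'sip:alice@host;x=y'
# and 'https://user@host:443/path'. IPv6 literals are out of scope here.
URI_RE = re.compile(
    r"^(?P<scheme>[A-Za-z][A-Za-z0-9+.-]*):(?://)?(?:[^/?#@;]*@)?"
    r"(?P<host>[^/?#:;]+)"
)


@dataclass(frozen=True)
class ReferenceId:
    """What the client expects: an identifier type plus its DNS name portion."""
    kind: str            # "DNS-ID", "SRV-ID" or "URI-ID"
    host: str            # DNS domain name portion of the reference identifier
    service: str = ""    # SRV-ID only, e.g. "_xmpp-server"
    scheme: str = ""     # URI-ID only, e.g. "sip"


@dataclass(frozen=True)
class PresentedId:
    """What the certificate carries in subjectAltName, as (type, raw value)."""
    kind: str            # "DNS-ID" (dNSName), "SRV-ID" (SRVName), "URI-ID" (URI)
    value: str


def _labels(host: str) -> List[str]:
    """Lower-case, drop a trailing dot, split into labels."""
    return host.lower().rstrip(".").split(".")


def _dns_match(presented: str, reference: str, allow_wildcard: bool) -> bool:
    """Compare a presented DNS name with a (pre-validated) reference host.

    Assumed wildcard rules: '*' must be the entire left-most label, at least
    two labels must follow it, it must not stand in for an IDNA A-label, and
    label counts must agree ('*.example.com' never matches 'a.b.example.com'
    or 'example.com').
    """
    p, r = _labels(presented), _labels(reference)
    if len(p) != len(r) or "" in p:
        return False
    if allow_wildcard and p[0] == "*":
        return len(p) >= 3 and not r[0].startswith("xn--") and p[1:] == r[1:]
    # A partial or non-leftmost '*' (or a wildcard when they are disabled)
    # can never equal a valid reference label, so plain equality suffices.
    return p == r


def reference_matches(ref: ReferenceId, presented: List[PresentedId],
                      allow_wildcard: bool = True) -> bool:
    """True if some presented identifier of the SAME type matches ref.

    Identifiers of another type are ignored: a DNS-ID reference is never
    checked against the host part of a URI-ID, and vice versa. Subject CN
    fallback is deliberately not implemented here.
    """
    if ref.kind not in ("DNS-ID", "SRV-ID", "URI-ID"):
        raise ValueError(f"unknown reference identifier type: {ref.kind!r}")
    if not all(LABEL_RE.match(lbl) for lbl in _labels(ref.host)):
        raise ValueError(f"reference host is not a valid DNS name: {ref.host!r}")

    for pid in presented:
        if pid.kind != ref.kind:
            continue
        if ref.kind == "DNS-ID":
            if _dns_match(pid.value, ref.host, allow_wildcard):
                return True
        elif ref.kind == "SRV-ID":
            # SRVName is "_service.host"; the service must match exactly,
            # the host by DNS rules with wildcards disallowed (assumption).
            service, _, host = pid.value.partition(".")
            if (service.lower() == ref.service.lower()
                    and _dns_match(host, ref.host, allow_wildcard=False)):
                return True
        else:  # URI-ID: scheme must match, host by DNS rules, no wildcards
            m = URI_RE.match(pid.value)
            if (m and m["scheme"].lower() == ref.scheme.lower()
                    and _dns_match(m["host"], ref.host, allow_wildcard=False)):
                return True
    return False


# Constructed sample subjectAltName contents, not from a real certificate.
SAMPLE_PRESENTED = [
    PresentedId("DNS-ID", "*.example.com"),
    PresentedId("DNS-ID", "example.com"),
    PresentedId("SRV-ID", "_xmpp-server.example.com"),
    PresentedId("URI-ID", "sip:example.com"),
]

if __name__ == "__main__":
    for ref in (ReferenceId("DNS-ID", "www.example.com"),
                ReferenceId("DNS-ID", "a.b.example.com"),
                ReferenceId("SRV-ID", "example.com", service="_xmpp-server"),
                ReferenceId("URI-ID", "www.example.com", scheme="sip")):
        print(ref, "->", reference_matches(ref, SAMPLE_PRESENTED))
```

The point the example makes concrete is the one the message gestures at: once the identifier types and their degrees of freedom are fixed, "matching" is a small, mechanical comparison, and the security-relevant decisions (which wildcards to honour, whether a URI-ID's host may satisfy a DNS-ID reference, whether to fall back to the subject CN) are exactly the choices a protocol spec would otherwise re-make, differently, each time.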