IETF Logo Mail Archive

[Gen-art] RE: Gen-ART review of draft-ietf-ltans-ers-13.txt

"Tobias Gondrom" <tgondrom@opentext.com> Fri, 01 June 2007 16:19 UTC

Return-path: <gen-art-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu9qO-0007NE-Ol; Fri, 01 Jun 2007 12:19:16 -0400
Received: from gen-art by megatron.ietf.org with local (Exim 4.43) id 1Hu9qN-0007Mn-Uq for gen-art-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 12:19:15 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu9qN-0007MY-Kf for gen-art@ietf.org; Fri, 01 Jun 2007 12:19:15 -0400
Received: from mucmx02.ixos.de ([149.235.128.47]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hu9qM-0004zY-4j for gen-art@ietf.org; Fri, 01 Jun 2007 12:19:15 -0400
Received: from MUCXGC2.opentext.net (localhost [127.0.0.1]) by mucmx02.ixos.de (8.12.10+Sun/8.12.10) with ESMTP id l51GJ4lk026031; Fri, 1 Jun 2007 18:19:04 +0200 (MEST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Date: Fri, 01 Jun 2007 18:19:03 +0200
Message-ID: <2666EB2A846BAC4BB2D7F593301A7868010A9FFB@MUCXGC2.opentext.net>
In-Reply-To: <886F5D4C78AFB14D87261206BFB9612E1D0608D1@scygmxs1.cygnacom.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Gen-ART review of draft-ietf-ltans-ers-13.txt
Thread-Index: AcekZUogWwtp00CGQrOcTtI4bQDocwAAwa9g
X-Priority: 5
Priority: Non-Urgent
Importance: low
From: Tobias Gondrom <tgondrom@opentext.com>
To: Carl Wallace <CWallace@cygnacom.com>, Brian E Carpenter <brian.e.carpenter@gmail.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d6b0e0d49fdeccc4f4975ee60f85ef51
Cc: ralf.brandner@intercomponentware.com, General Area Review Team <gen-art@ietf.org>, Tim Polk <wpolk@nist.gov>, ulrich.pordesch@zv.fraunhofer.de
Subject: [Gen-art] RE: Gen-ART review of draft-ietf-ltans-ers-13.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Content-Type: multipart/mixed; boundary="===============1692204896=="
Errors-To: gen-art-bounces@ietf.org

Ok. Thank you, Carl and Brian. 

I just submitted draft-ietf-ltans-ers-15.txt with the change as proposed
by Brian. 

 

Best regards and have a nice weekend, Tobias

 

 

 

 

________________________________

From: Carl Wallace [mailto:CWallace@cygnacom.com] 
Sent: Friday, June 01, 2007 5:55 PM
To: Tobias Gondrom
Cc: General Area Review Team; ralf.brandner@intercomponentware.com;
ulrich.pordesch@zv.fraunhofer.de; Tim Polk; Brian E Carpenter
Subject: RE: Gen-ART review of draft-ietf-ltans-ers-13.txt

 

I like Brian's clarification that the verification data be preserved but
that it is not required to appear in the timestamp. 

> -----Original Message----- 
> From: Tobias Gondrom [mailto:tgondrom@opentext.com] 
> Sent: Friday, June 01, 2007 10:10 AM 
> To: Carl Wallace 
> Cc: General Area Review Team; 
> ralf.brandner@intercomponentware.com; 
> ulrich.pordesch@zv.fraunhofer.de; Tim Polk; Brian E Carpenter 
> Subject: RE: Gen-ART review of draft-ietf-ltans-ers-13.txt 
> 
> Ok. 
> So, than this up to your judgement, Carl. 
> - Tobias 
> 
> 
> Ps.: if you tell me to do so, I will submit a revised draft 
> right away, otherwise Tim can progress the draft. 
> 
> 
> 
> > -----Original Message----- 
> > From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] 
> > Sent: Friday, June 01, 2007 4:03 PM 
> > To: Tobias Gondrom 
> > Cc: Carl Wallace; General Area Review Team; 
> > ralf.brandner@intercomponentware.com; 
> ulrich.pordesch@zv.fraunhofer.de; 
> > Tim Polk 
> > Subject: Re: Gen-ART review of draft-ietf-ltans-ers-13.txt 
> > 
> > Thanks. I believe there is an issue of clarity here, but as always, 
> > please take guidance from the document shepherd. 
> > 
> >      Brian 
> > 
> > 
> > On 2007-06-01 15:20, Tobias Gondrom wrote: 
> > > Hello Brian, 
> > > 
> > > Concerning the sentence in section 4.2: 
> > > I do not see a big difference between your proposal: 
> > > "The data (e.g. certificates, CRLs or OCSP-Responses) needed to 
> verify 
> > > the timestamp MUST be preserved, and SHOULD be stored in the 
> timestamp 
> > > itself unless this causes unnecessary duplication." 
> > > 
> > > And the existing text: 
> > > "The data (e.g. certificates, CRLs or OCSP-Responses) needed to 
> verify 
> > > the timestamp SHOULD be stored in the timestamp itself or MUST be 
> > > preserved otherwise." 
> > > 
> > > Although I do not see the need to change it, I can see no damage 
> either. 
> > > 
> > > So, if this re-wording solves your comment, we can make 
> the change. 
> > > 
> > > Ok? 
> > > 
> > > Tobias 
> > > 
> > > 
> > > 
> > >> -----Original Message----- 
> > >> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] 
> > >> Sent: Friday, June 01, 2007 1:16 PM 
> > >> To: Tobias Gondrom 
> > >> Cc: Carl Wallace; General Area Review Team; 
> > >> ralf.brandner@intercomponentware.com; 
> > > ulrich.pordesch@zv.fraunhofer.de; 
> > >> Tim Polk 
> > >> Subject: Re: Gen-ART review of draft-ietf-ltans-ers-13.txt 
> > >> 
> > >> On 2007-06-01 12:11, Tobias Gondrom wrote: 
> > >>> Hello Brian, 
> > >>> Answer/Comments inline. 
> > >>> Tobias 
> > >>> 
> > >>> Ps.: I hope you do not feel your comment got ignored, cause that

> has 
> > >>> never been my intention. (I just thought my explanation was 
> > > satisfying, 
> > >>> as you indicated in your email May-22 and closed the item 
> > > accordingly.) 
> > >> No problem at all - I just thought about it some more. 
> We Gen-ART 
> > >> reviewers have a habit of looking at SHOULD and SHOULD NOT quite 
> > >> closely, 
> > > because 
> > >> we know that they can cause indecision among implementers. For 
> > > example, 
> > >> you could say something like this: 
> > >> 
> > >> The data (e.g. certificates, CRLs or OCSP-Responses) needed to 
> verify 
> > >> the timestamp MUST be preserved, and SHOULD be stored in the 
> timestamp 
> > >> itself unless this causes unnecessary duplication. 
> > >> 
> > >> It's up to you, I am not insisting on a change. 
> > >> 
> > >>      Brian 
> > >> 
> > >> 
> > >> 
> > >>> 
> > >>>> -----Original Message----- 
> > >>>> From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] 
> > >>>> Sent: Friday, June 01, 2007 11:28 AM 
> > >>>> To: Carl Wallace 
> > >>>> Cc: Tobias Gondrom; General Area Review Team; 
> > >>>> ralf.brandner@intercomponentware.com; 
> > >>> ulrich.pordesch@zv.fraunhofer.de; 
> > >>>> Tim Polk 
> > >>>> Subject: Re: Gen-ART review of draft-ietf-ltans-ers-13.txt 
> > >>>> 
> > >>>> Triggered by seeing -14 come out: 
> > >>>> 
> > >>>> On 2007-05-21 20:44, Carl Wallace wrote: 
> > >>>>>>> 1. At the end of section 4.2: 
> > >>>>>>> 
> > >>>>>>>  The data (e.g. certificates, CRLs or OCSP-Responses) 
> > >>>>>> needed to verify 
> > >>>>>>> the timestamp SHOULD be stored in the timestamp 
> itself or MUST 
> > > be 
> > >>>>>>> preserved otherwise. 
> > >>>>>>> 
> > >>>>>>> I find this insufficiently clear. When would it be 
> > >>>>>> acceptable not to 
> > >>>>>>> store these data in the timestamp, and if not done so, how 
> > >>>>>> would the 
> > >>>>>>> retriever know where to look? 
> > >>>>>> [tg]: There are three main reasons why we did intentionally 
> > >>>>>> write this up in this level of detail: 
> > >>>>>> At first, most of the verification of a 
> RFC3161-timestamp has 
> > >>>>>> been documented very well in the timestamp and CMS 
> > >>>>>> specifications. Second, ERS is open for other timestamps as 
> > >>>>>> well (e.g. ISO-18014-x) and they may (and do) require other 
> > >>>>>> verification data than RFC3161, plus these other formats may 
> > >>>>>> not be able to store all the necessary information for 
> > >>>>>> verification inside their data structures. 
> > >>>>>> And third, as some of the verification data may be 
> dependent on 
> > >>>>>> the use case and country where it is verified, the 
> WG works on 
> > >>>>>> the I-D 
> > >>>>>> 
> http://www.ietf.org/internet-drafts/draft-ietf-ltans-validate- 
> > >>>>>> 01.txt to describe the verification and the required data in 
> > >>>>>> more detail. 
> > >>>>> In addition to the above, the "SHOULD be stored in the 
> timestamp" 
> > >>>>> recommendation is present in the spec because this is the 
> easiest 
> > >>>> option. 
> > >>>>> If the timestamp contains all of the verification data, then 
> there 
> > >>> is 
> > >>>> less 
> > >>>>> work for the verifier to perform.  However, this also freezes 
> the 
> > >>>>> verification context (if this is the only means of preserving 
> > >>>> verification 
> > >>>>> data).  There is a companion specification that defines how to

> use 
> > >>> SCVP 
> > >>>> and 
> > >>>>> ERS to preserve certificates and CRLs independent of 
> a data item 
> > >>> that is 
> > >>>>> archived.  This has a few benefits, including decreasing the 
> > > storage 
> > >>>> burden 
> > >>>>> on the archive and avoiding freezing the validation context. 
> > >>>>> 
> > >>>> I'm still a little unhappy about the SHOULD. How does an 
> > > implementor 
> > >>> know 
> > >>>> that it's OK to ignore the SHOULD? If the data is not stored in

> the 
> > >>>> timestamp, 
> > >>>> shouldn't you say that a pointer to the data MUST be stored in 
> the 
> > >>>> timestamp? 
> > >>> No, this would not be good. For verification data, we have today

> > > what 
> > >>> you might call like "implicit pointers" in the 
> timestamp, i.e. the 
> > >>> timestamp authority source name etc. gives you the information 
> from 
> > >>> where to receive the additional verification data like its 
> > > certificate 
> > >>> and CRL/OCSP. 
> > >>> So with the timestamp this is already implicitly known and it 
> would 
> > > be a 
> > >>> bad idea to force another explicit pointer to the structure. 
> > >>> 
> > >>> 
> > >>> (additional personal note: in general a verification 
> procedure of 
> > > the 
> > >>> timestamp must also include this data (certificate and (CRL OR 
> > > OCSP). 
> > >>> This can be done by retrieving the information from an online 
> source 
> > >>> (defined by the TSA name and address) or from the data 
> structures 
> of 
> > > the 
> > >>> timestamp or another source (e.g. a file store at the 
> verification 
> > >>> entity). 
> > >>> For infinite times it is obvious that the online source will no 
> > > longer 
> > >>> be available. But many use cases require a long (but 
> not infinite) 
> > >>> storage time where renewal is absolutely necessary, but 
> where the 
> > >>> business scenario guarantees that the verification data will be 
> > >>> available for the whole time. (e.g. some TSA guarantee 
> (including 
> a 
> > >>> government continuation guarantee) that the service will be 
> > > available 
> > >>> online for a specified time, e.g. 30 years, even if the 
> TSA closes 
> > >>> down.) 
> > >>> This again leads to the term SHOULD but not MUST.) 
> > >>> 
> > >>> 
> > > 
> 


_______________________________________________
Gen-art mailing list
Gen-art@ietf.org
https://www1.ietf.org/mailman/listinfo/gen-art

v2.23.0 | Report a Bug | By Email