[Gen-art] RE: Gen-ART review of draft-ietf-ltans-ers-13.txt
"Tobias Gondrom" <tgondrom@opentext.com> Fri, 01 June 2007 10:12 UTC
Return-path: <gen-art-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu46z-0004eY-Hp; Fri, 01 Jun 2007 06:12:01 -0400
Received: from gen-art by megatron.ietf.org with local (Exim 4.43) id 1Hu46y-0004eK-UL for gen-art-confirm+ok@megatron.ietf.org; Fri, 01 Jun 2007 06:12:00 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Hu46y-0004eC-KY for gen-art@ietf.org; Fri, 01 Jun 2007 06:12:00 -0400
Received: from mucmx01.ixos.de ([149.235.128.48]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1Hu46y-0002fU-5C for gen-art@ietf.org; Fri, 01 Jun 2007 06:12:00 -0400
Received: from MUCXGC2.opentext.net (localhost [127.0.0.1]) by mucmx01.ixos.de (8.12.10+Sun/8.12.10) with ESMTP id l51ABrV6028892; Fri, 1 Jun 2007 12:11:54 +0200 (MEST)
X-MimeOLE: Produced By Microsoft Exchange V6.5.7226.0
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Fri, 01 Jun 2007 12:11:52 +0200
Message-ID: <2666EB2A846BAC4BB2D7F593301A7868010A9F2F@MUCXGC2.opentext.net>
In-Reply-To: <465FE6A2.3030008@gmail.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Gen-ART review of draft-ietf-ltans-ers-13.txt
Thread-Index: AcekLys3mEiLiUORRg+L2XLETm8QCAAAVsog
From: Tobias Gondrom <tgondrom@opentext.com>
To: Brian E Carpenter <brian.e.carpenter@gmail.com>, Carl Wallace <CWallace@cygnacom.com>
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 6e922792024732fb1bb6f346e63517e4
Cc: ralf.brandner@intercomponentware.com, General Area Review Team <gen-art@ietf.org>, Tim Polk <wpolk@nist.gov>, ulrich.pordesch@zv.fraunhofer.de
Subject: [Gen-art] RE: Gen-ART review of draft-ietf-ltans-ers-13.txt
X-BeenThere: gen-art@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "GEN-ART: General Area Review Team" <gen-art.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/gen-art>
List-Post: <mailto:gen-art@ietf.org>
List-Help: <mailto:gen-art-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/gen-art>, <mailto:gen-art-request@ietf.org?subject=subscribe>
Errors-To: gen-art-bounces@ietf.org
Hello Brian, Answer/Comments inline. Tobias Ps.: I hope you do not feel your comment got ignored, cause that has never been my intention. (I just thought my explanation was satisfying, as you indicated in your email May-22 and closed the item accordingly.) > -----Original Message----- > From: Brian E Carpenter [mailto:brian.e.carpenter@gmail.com] > Sent: Friday, June 01, 2007 11:28 AM > To: Carl Wallace > Cc: Tobias Gondrom; General Area Review Team; > ralf.brandner@intercomponentware.com; ulrich.pordesch@zv.fraunhofer.de; > Tim Polk > Subject: Re: Gen-ART review of draft-ietf-ltans-ers-13.txt > > Triggered by seeing -14 come out: > > On 2007-05-21 20:44, Carl Wallace wrote: > >>> 1. At the end of section 4.2: > >>> > >>> The data (e.g. certificates, CRLs or OCSP-Responses) > >> needed to verify > >>> the timestamp SHOULD be stored in the timestamp itself or MUST be > >>> preserved otherwise. > >>> > >>> I find this insufficiently clear. When would it be > >> acceptable not to > >>> store these data in the timestamp, and if not done so, how > >> would the > >>> retriever know where to look? > >> [tg]: There are three main reasons why we did intentionally > >> write this up in this level of detail: > >> At first, most of the verification of a RFC3161-timestamp has > >> been documented very well in the timestamp and CMS > >> specifications. Second, ERS is open for other timestamps as > >> well (e.g. ISO-18014-x) and they may (and do) require other > >> verification data than RFC3161, plus these other formats may > >> not be able to store all the necessary information for > >> verification inside their data structures. > >> And third, as some of the verification data may be dependent > >> on the use case and country where it is verified, the WG > >> works on the I-D > >> http://www.ietf.org/internet-drafts/draft-ietf-ltans-validate- > >> 01.txt to describe the verification and the required data in > >> more detail. > > > > In addition to the above, the "SHOULD be stored in the timestamp" > > recommendation is present in the spec because this is the easiest > option. > > If the timestamp contains all of the verification data, then there is > less > > work for the verifier to perform. However, this also freezes the > > verification context (if this is the only means of preserving > verification > > data). There is a companion specification that defines how to use SCVP > and > > ERS to preserve certificates and CRLs independent of a data item that is > > archived. This has a few benefits, including decreasing the storage > burden > > on the archive and avoiding freezing the validation context. > > > > I'm still a little unhappy about the SHOULD. How does an implementor know > that it's OK to ignore the SHOULD? If the data is not stored in the > timestamp, > shouldn't you say that a pointer to the data MUST be stored in the > timestamp? No, this would not be good. For verification data, we have today what you might call like "implicit pointers" in the timestamp, i.e. the timestamp authority source name etc. gives you the information from where to receive the additional verification data like its certificate and CRL/OCSP. So with the timestamp this is already implicitly known and it would be a bad idea to force another explicit pointer to the structure. (additional personal note: in general a verification procedure of the timestamp must also include this data (certificate and (CRL OR OCSP). This can be done by retrieving the information from an online source (defined by the TSA name and address) or from the data structures of the timestamp or another source (e.g. a file store at the verification entity). For infinite times it is obvious that the online source will no longer be available. But many use cases require a long (but not infinite) storage time where renewal is absolutely necessary, but where the business scenario guarantees that the verification data will be available for the whole time. (e.g. some TSA guarantee (including a government continuation guarantee) that the service will be available online for a specified time, e.g. 30 years, even if the TSA closes down.) This again leads to the term SHOULD but not MUST.) _______________________________________________ Gen-art mailing list Gen-art@ietf.org https://www1.ietf.org/mailman/listinfo/gen-art
- [Gen-art] Gen-ART review of draft-ietf-ltans-ers-… Brian E Carpenter
- [Gen-art] Gen-ART review of draft-ietf-ltans-ers-… Brian E Carpenter
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Tobias Gondrom
- Re: [Gen-art] RE: Gen-ART review of draft-ietf-lt… Russ Housley
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Carl Wallace
- [Gen-art] Re: Gen-ART review of draft-ietf-ltans-… Brian E Carpenter
- RE: [Gen-art] RE: Gen-ART review of draft-ietf-lt… Tobias Gondrom
- [Gen-art] Re: Gen-ART review of draft-ietf-ltans-… Brian E Carpenter
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Tobias Gondrom
- [Gen-art] Re: Gen-ART review of draft-ietf-ltans-… Brian E Carpenter
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Tobias Gondrom
- [Gen-art] Re: Gen-ART review of draft-ietf-ltans-… Brian E Carpenter
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Tobias Gondrom
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Carl Wallace
- [Gen-art] RE: Gen-ART review of draft-ietf-ltans-… Tobias Gondrom