Protocol Action: 'Internet X.509 Public Key Infrastructure - Certificate Image' to Proposed Standard (draft-ietf-pkix-certimage-11.txt)
The IESG <iesg-secretary@ietf.org> Tue, 15 February 2011 17:04 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@core3.amsl.com
Delivered-To: ietf-announce@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id EB3A63A6D27; Tue, 15 Feb 2011 09:04:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.599
X-Spam-Level:
X-Spam-Status: No, score=-102.599 tagged_above=-999 required=5 tests=[AWL=0.000, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pxFOxspMeD0b; Tue, 15 Feb 2011 09:04:47 -0800 (PST)
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 5E89E3A6D33; Tue, 15 Feb 2011 09:04:46 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Internet X.509 Public Key Infrastructure - Certificate Image' to Proposed Standard (draft-ietf-pkix-certimage-11.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 3.12
Message-ID: <20110215170446.7946.94549.idtracker@localhost>
Date: Tue, 15 Feb 2011 09:04:46 -0800
Cc: pkix mailing list <pkix@ietf.org>, pkix chair <pkix-chairs@tools.ietf.org>, Internet Architecture Board <iab@iab.org>, RFC Editor <rfc-editor@rfc-editor.org>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf-announce>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Feb 2011 17:04:48 -0000
The IESG has approved the following document: - 'Internet X.509 Public Key Infrastructure - Certificate Image' (draft-ietf-pkix-certimage-11.txt) as a Proposed Standard This document is the product of the Public-Key Infrastructure (X.509) Working Group. The IESG contact persons are Tim Polk and Sean Turner. A URL of this Internet Draft is: http://datatracker.ietf.org/doc/draft-ietf-pkix-certimage/ Technical Summary RFC 3709 defines a way to bind a logo or analogous image to a certificate, to aid human interpretation of a certificate by providing meaningful visual information to the user interface. This document specifies three new encodings for visual representations, as an extension of RFC 3709, using the otherLogos extension capability of that RFC. Thus it represents an incremental change to the fundamental capability provided by 3709. Working Group Summary WG process was not particularly smooth. At the first WGLC this document generated a fairly large amount of discussion where several WG members voiced security concerns as well as concerns whether the problem addressed by this draft requires a solution or whether this problem would be better served by another solution. These security concerns were addressed as a result of changes made after the first WGLC. The residual objection that was raised by a few individuals (during the second WGLC) is whether this solution is will be successful, i.e., deployed. The WG chair judged this document to have "very rough consensus". The wg emails were reviewed by both SEC ADs, and believe that sufficient consensus existed to progress. Document Quality We have seen no deployment of certificates with the 3709 extension, nor are we aware of code to make use of this extension in relying party software. However, several major implementers have stated their support for the current draft. The ETSI ESI (Electronic Signature Infrastructure) group is also referencing this specification as a component for their Visible Signatures work. Personnel Steve Kent is the Document Shepherd for this document. Tim Polk is the Responsible Area Director. RFC Editor Note In section 4.1, please make the following substitution: OLD LogotypeDetails ::= SEQUENCE { mediaType IA5String, -- MIME media type name and optional -- parameters NEW LogotypeDetails ::= SEQUENCE { mediaType IA5String, -- MIME media type name and optional -- parameters (see section 5) In Section 5.2, please make the following substitution: OLD The referenced SVG file MAY be provided in GZIP [RFC1952] compressed form as an SVGZ file according to section 1.2 in SVG 1.1 [SVG]. NEW The referenced SVG file MAY be provided in GZIP [RFC1952] compressed form as an SVGZ file. In this case, the extension 'svgz' is used as an alias for 'svg.gz' [RFC1952], i.e. octet streams of type image/svg+xml, subsequently compressed with gzip as specified in [SVGR]. In Section 5.2, please replace the 2nd to the last paragraph to read: OLD: When the SVG image is embedded using the "data" URL scheme as defined in section 5, SVG image data SHOULD be provided in SVGZ (GZIP ^ ^^^^^^ compressed) form and MAY be provided in uncompressed SVG form. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Compliant implementations that process embedded SVG images MUST be able to handle both compressed and uncompressed image data. NEW: When the SVG image is embedded using the "data" URL scheme as defined in section 4, SVG image data MUST be provided in SVGZ (GZIP ^ ^^^^ compressed) form (i.e. it MUST NOT be provided in uncompressed SVG form). ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Please add the following informative reference: [SVGR] "Media Type Registration for image/svg+xml", http://dev.w3.org/SVG/profiles/1.1F2/master/mimereg.html