Protocol Action: 'Updates to Lightweight OCSP Profile for High Volume Environments' to Proposed Standard (draft-ietf-lamps-rfc5019bis-12.txt)
The IESG <iesg-secretary@ietf.org> Fri, 13 September 2024 18:57 UTC
To: IETF-Announce <ietf-announce@ietf.org>
CC: The IESG <iesg@ietf.org>, draft-ietf-lamps-rfc5019bis@ietf.org, lamps-chairs@ietf.org, rdd@cert.org, rfc-editor@rfc-editor.org, spasm@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/uzEUmWKY_WglQGKCblHyqnzdcG4>

The IESG has approved the following document:
- 'Updates to Lightweight OCSP Profile for High Volume Environments'
  (draft-ietf-lamps-rfc5019bis-12.txt) as Proposed Standard

This document is the product of the Limited Additional Mechanisms for PKIX and SMIME Working Group.

The IESG contact persons are Paul Wouters, Deb Cooley and Roman Danyliw.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc5019bis/

Technical Summary

This specification defines a profile of the Online Certificate Status Protocol (OCSP) that addresses the scalability issues inherent when using OCSP in large scale (high volume) Public Key Infrastructure (PKI) environments and/or in PKI environments that require a lightweight solution to minimize communication bandwidth and client-side processing.

This specification obsoletes RFC 5019. The profile specified in RFC 5019 has been updated to allow and recommend the use of SHA-256 over SHA-1.

Working Group Summary

There is broad support in the LAMPS WG for this document. WG Last Call included many implementers, and all of the issues that were raised were resolved quickly.

One notable concern was raised during WG Last Call that should be highlighted. This document includes:

~~~
OCSP responders SHOULD NOT distribute OCSP responses that contain CertIDs that use SHA-1 if the OCSP responder has no clients that require the use of SHA-1.
~~~

It is recognized that there is no obvious point in time when this will be true. However, no one could offer a better criterion for stopping support for SHA-1, which everyone wants to do.

Document Quality

OCSP is widely deployed.

Personnel

The Document Shepherd for this document is Russ Housley. The Responsible Area Director is Roman Danyliw.