RE: [pkix] Last Call: <draft-ietf-pkix-rfc5280-clarifications-08.txt> (Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile) to Proposed Standard
denis.pinkas@bull.net Thu, 23 August 2012 18:02 UTC
Return-Path: <denis.pinkas@bull.net>
X-Original-To: ietf@ietfa.amsl.com
Delivered-To: ietf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D055E21F861F for <ietf@ietfa.amsl.com>; Thu, 23 Aug 2012 11:02:22 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.151
X-Spam-Level:
X-Spam-Status: No, score=-2.151 tagged_above=-999 required=5 tests=[AWL=0.097, BAYES_00=-2.599, HELO_EQ_FR=0.35, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a3h8VigxuKQ8 for <ietf@ietfa.amsl.com>; Thu, 23 Aug 2012 11:02:22 -0700 (PDT)
Received: from odin2.bull.net (odin2.bull.net [129.184.85.11]) by ietfa.amsl.com (Postfix) with ESMTP id 7D6CF21F860E for <ietf@ietf.org>; Thu, 23 Aug 2012 11:02:20 -0700 (PDT)
Received: from MSGC-003.bull.fr (MSGC-003.frcl.bull.fr [129.184.87.131]) by odin2.bull.net (Bull S.A.) with ESMTP id 617FA1801A for <ietf@ietf.org>; Thu, 23 Aug 2012 20:02:19 +0200 (CEST)
In-Reply-To: <20120822150543.16802.27813.idtracker@ietfa.amsl.com>
References: <20120822150543.16802.27813.idtracker@ietfa.amsl.com>
To: ietf@ietf.org
MIME-Version: 1.0
Subject: RE: [pkix] Last Call: <draft-ietf-pkix-rfc5280-clarifications-08.txt> (Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile) to Proposed Standard
X-KeepSent: 998F9088:0427EC5F-C1257A63:0060E0A6; type=4; name=$KeepSent
X-Mailer: Lotus Notes Release 8.5.2 August 10, 2010
From: denis.pinkas@bull.net
Message-ID: <OF998F9088.0427EC5F-ONC1257A63.0060E0A6-C1257A63.006316C3@bull.net>
Date: Thu, 23 Aug 2012 20:02:18 +0200
X-MIMETrack: Serialize by Router on MSGC-003/SRV/BULL(Release 8.5.2FP1|November 29, 2010) at 23/08/2012 20:02:19, Serialize complete at 23/08/2012 20:02:19
Content-Type: multipart/alternative; boundary="=_alternative 00630FBBC1257A63_="
X-Mailman-Approved-At: Thu, 23 Aug 2012 13:43:18 -0700
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ietf>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 23 Aug 2012 18:02:23 -0000
A discussion has just started yesterday on the PKIX mailing list about an "Errata in section 5.3 from RFC 5280". At this time it can clearly be seen that RFC 5280 is NOT compatible with X.509 for the processing of crlEntryExtensions, whereas RFC 5280 is supposed to be a *profile* of X.509. For that reason, I ask the IESG to suspend its decision until the issue about crlEntryExtensions is clarified one way or another, since this point now needs to be clarified and will impact a document whose goal is precisely to clarify RFC 5280. Denis De : The IESG <iesg-secretary@ietf.org> A : IETF-Announce <ietf-announce@ietf.org> Cc : pkix@ietf.org Date : 22/08/2012 17:05 Objet : [pkix] Last Call: <draft-ietf-pkix-rfc5280-clarifications-08.txt> (Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile) to Proposed Standard Envoyé par : pkix-bounces@ietf.org The IESG has received a request from the Public-Key Infrastructure (X.509) WG (pkix) to consider the following document: - 'Updates to the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile' <draft-ietf-pkix-rfc5280-clarifications-08.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2012-09-05. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract This document updates RFC 5280, the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. This document changes the set of acceptable encoding methods for the explicitText field of the user notice policy qualifier and clarifies the rules for converting internationalized domain name labels to ASCII. This document also provides some clarifications on the use of self-signed certificates, trust anchors, and some updated security considerations. The file can be obtained via http://datatracker.ietf.org/doc/draft-ietf-pkix-rfc5280-clarifications/ IESG discussion can be tracked via http://datatracker.ietf.org/doc/draft-ietf-pkix-rfc5280-clarifications/ballot/ No IPR declarations have been submitted directly on this I-D. _______________________________________________ pkix mailing list pkix@ietf.org https://www.ietf.org/mailman/listinfo/pkix
- RE: [pkix] Last Call: <draft-ietf-pkix-rfc5280-cl… denis.pinkas
- Re: [pkix] Last Call: <draft-ietf-pkix-rfc5280-cl… Sean Turner