Re: [IPsec] ikev2bis issue #183: Replace "X.509" with "PKIX" throughout?
Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 31 March 2010 09:17 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id ACB1A3A6BEE for <ipsec@core3.amsl.com>; Wed, 31 Mar 2010 02:17:24 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.406
X-Spam-Level:
X-Spam-Status: No, score=-0.406 tagged_above=-999 required=5 tests=[AWL=0.300, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13, SARE_RECV_BEZEQINT_B=0.763]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id uJUpehoDxE3O for <ipsec@core3.amsl.com>; Wed, 31 Mar 2010 02:17:21 -0700 (PDT)
Received: from fg-out-1718.google.com (fg-out-1718.google.com [72.14.220.153]) by core3.amsl.com (Postfix) with ESMTP id 010B63A6BD9 for <ipsec@ietf.org>; Wed, 31 Mar 2010 02:17:17 -0700 (PDT)
Received: by fg-out-1718.google.com with SMTP id d23so3640695fga.13 for <ipsec@ietf.org>; Wed, 31 Mar 2010 02:17:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:message-id:date:from :user-agent:mime-version:to:cc:subject:references:in-reply-to :content-type:content-transfer-encoding; bh=MxnT712H0e8wlsDcF9Q+CFOj50LMdrd/qDMJGv3yddw=; b=MydoGfDqZrOvgcgBG5/De5/W5ttb+aUhqDQyJB18CTl5gNw/MlmFprmnphbJbvEu96 68lufGiz6a12ke0w4fS9WbtH4WUNst/I03CTxOFBrn4FUP0oXMC0xa9yh0f3IrNEgQ5f 5u06RwGgCXmG4QsFsaOBt2ZnpXMSeLpj1ByYc=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; b=mdLZFyjeTA6QAQMC9areXl9KilDAOBIuumMQcjQh4DEOWK9zpw41Pv+2PxJ+b8dgKr osGyEQYzV+njjGLeqg/cyecVUUvUwzJuljpiRtKCPQd8LUIGtPQCtOSR2/95rOqibJtU /Hw26Mg9SQdim36WeVPByUeVODTnTRCrh+yNE=
Received: by 10.86.124.8 with SMTP id w8mr3126996fgc.8.1270027065266; Wed, 31 Mar 2010 02:17:45 -0700 (PDT)
Received: from [10.20.30.2] ([62.219.129.160]) by mx.google.com with ESMTPS id 4sm9253354fgg.7.2010.03.31.02.17.43 (version=SSLv3 cipher=RC4-MD5); Wed, 31 Mar 2010 02:17:44 -0700 (PDT)
Message-ID: <4BB31335.4060105@gmail.com>
Date: Wed, 31 Mar 2010 12:17:41 +0300
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.1.9) Gecko/20100317 Thunderbird/3.0.4
MIME-Version: 1.0
To: Paul Hoffman <paul.hoffman@vpnc.org>
References: <p06240809c7d83f45f613@[10.20.30.158]>
In-Reply-To: <p06240809c7d83f45f613@[10.20.30.158]>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: IPsecme WG <ipsec@ietf.org>
Subject: Re: [IPsec] ikev2bis issue #183: Replace "X.509" with "PKIX" throughout?
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 31 Mar 2010 09:17:25 -0000
Quoting from Wikipedia (http://en.wikipedia.org/wiki/X.509): The X.500 system has never been fully implemented, and the IETF's Public-Key Infrastructure (X.509), or PKIX, working group has adapted the standard to the more flexible organization of the Internet. In fact, the term X.509 certificate usually refers to the IETF's PKIX Certificate and CRL Profile of the X.509 v3 certificate standard, as specified in RFC 5280, commonly referred to as PKIX for Public Key Infrastructure (X.509). I suggest to retain the existing X.509 terminology which is more common, adding a clarification somewhere that we really refer to the PKIX profile. Thanks, Yaron On 31.3.2010 2:59, Paul Hoffman wrote: > We use "X.509" when we probably mean "PKIX". That is, we only care about the PKIX profile of X.509, not just the base X.509 spec. However, X.509 appears in some of the protocol element names. Can we change it throughout to PKIX, or are we stuck with the old name? > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] ikev2bis issue #183: Replace "X.509" with… Paul Hoffman
- Re: [IPsec] ikev2bis issue #183: Replace "X.509" … Yaron Sheffer
- Re: [IPsec] ikev2bis issue #183: Replace "X.509" … Sean Turner
- [IPsec] ikev2bis issue #183: Replace "X.509" with… Tero Kivinen