Re: [IPsec] #118: Reference for PKCS #7

Tero Kivinen <kivinen@iki.fi> Wed, 25 November 2009 12:01 UTC

To: Yaron Sheffer <yaronf@checkpoint.com>
Cc: IPsecme WG <ipsec@ietf.org>

Yaron Sheffer writes:
> Russ later pointed out that there are multiple RFCs defining PKCS
> #7. Inputs on current implementations are welcome. 
> 
> PKCS#7 should reference RFC 2315<http://tools.ietf.org/html/rfc2315>.

I think the two options are either RFC5652 (latest CMS) or RFC2315
(original PKCS#7). All of the other RFCs have been obsoleted by
RFC5652.

I do not know enough of the later CMS versions, but RFC2630 says that
it should be backward compatible with RFC2315 except where it was
changed to "accommodate attribute certificate transfer and key
agreement techniques for key management".

As I do not think we need any of those in IKEv2, I think it is enough
to refer to the RFC2315. 
-- 
kivinen@iki.fi