Re: [IPsec] #118: Reference for PKCS #7

Russ Housley <housley@vigilsec.com> Fri, 30 October 2009 16:43 UTC

Return-Path: <housley@vigilsec.com>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 24AA43A684E for <ipsec@core3.amsl.com>; Fri, 30 Oct 2009 09:43:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.53
X-Spam-Level:
X-Spam-Status: No, score=-101.53 tagged_above=-999 required=5 tests=[AWL=-0.389, BAYES_00=-2.599, HTML_MESSAGE=0.001, MIME_HTML_ONLY=1.457, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id b+U6MLZgiHe5 for <ipsec@core3.amsl.com>; Fri, 30 Oct 2009 09:43:50 -0700 (PDT)
Received: from odin.smetech.net (mail.smetech.net [208.254.26.82]) by core3.amsl.com (Postfix) with ESMTP id D6BA13A682B for <ipsec@ietf.org>; Fri, 30 Oct 2009 09:43:50 -0700 (PDT)
Received: from localhost (unknown [208.254.26.81]) by odin.smetech.net (Postfix) with ESMTP id A9BD79A476D; Fri, 30 Oct 2009 12:44:24 -0400 (EDT)
X-Virus-Scanned: amavisd-new at smetech.net
Received: from odin.smetech.net ([208.254.26.82]) by localhost (ronin.smetech.net [208.254.26.81]) (amavisd-new, port 10024) with ESMTP id MN0dUj8CbYZ5; Fri, 30 Oct 2009 12:44:06 -0400 (EDT)
Received: from THINKPADR52.vigilsec.com (pool-173-66-67-45.washdc.fios.verizon.net [173.66.67.45]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by odin.smetech.net (Postfix) with ESMTP id 912A19A4736; Fri, 30 Oct 2009 12:44:23 -0400 (EDT)
X-Mailer: QUALCOMM Windows Eudora Version 7.1.0.9
Date: Fri, 30 Oct 2009 12:22:04 -0400
To: Yaron Sheffer <yaronf@checkpoint.com>,IPsecme WG <ipsec@ietf.org>
From: Russ Housley <housley@vigilsec.com>
In-Reply-To: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDA1213EAA@il-ex01.ad.ch eckpoint.com>
References: <7F9A6D26EB51614FBF9F81C0DA4CFEC801BDA1213EAA@il-ex01.ad.checkpoint.com>
Mime-Version: 1.0
Content-Type: text/html; charset="us-ascii"
Message-Id: <20091030164423.912A19A4736@odin.smetech.net>
Subject: Re: [IPsec] #118: Reference for PKCS #7
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 30 Oct 2009 16:43:52 -0000

It depends what you are actually doing.  PKCS#7 was the specification developed by RSA Labs.  They turned over change control to the IETF.  The IETF produced RFCs 2630, 3369, 3852, and 5652, all of which are backward compatible with RFC 2315 for the normal use cases.  I believe that all exceptions are addressed in the document.

Russ

At 07:18 PM 10/29/2009, Yaron Sheffer wrote:
Content-Language: en-US
Content-Type: multipart/alternative;
         boundary="_000_7F9A6D26EB51614FBF9F81C0DA4CFEC801BDA1213EAAilex01adche_"

PKCS#7  should reference http://tools.ietf.org/html/rfc2315" rel="nofollow">RFC 2315.