[IPsec] ikev2bis issue #183: Replace "X.509" with "PKIX" throughout?

Tero Kivinen <kivinen@iki.fi> Thu, 01 April 2010 12:28 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: ipsec@core3.amsl.com
Delivered-To: ipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C91133A6FDF for <ipsec@core3.amsl.com>; Thu, 1 Apr 2010 05:28:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.283
X-Spam-Level:
X-Spam-Status: No, score=-1.283 tagged_above=-999 required=5 tests=[AWL=0.186, BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n2pqZm3SkwDG for <ipsec@core3.amsl.com>; Thu, 1 Apr 2010 05:28:40 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) by core3.amsl.com (Postfix) with ESMTP id 163AD3A6F05 for <ipsec@ietf.org>; Thu, 1 Apr 2010 05:18:12 -0700 (PDT)
Received: from fireball.kivinen.iki.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.14.3/8.14.3) with ESMTP id o31CIdu1015378 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Thu, 1 Apr 2010 15:18:39 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.kivinen.iki.fi (8.14.3/8.12.11) id o31CIcld013560; Thu, 1 Apr 2010 15:18:38 +0300 (EEST)
X-Authentication-Warning: fireball.kivinen.iki.fi: kivinen set sender to kivinen@iki.fi using -f
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <19380.36638.347452.173025@fireball.kivinen.iki.fi>
Date: Thu, 01 Apr 2010 15:18:38 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Paul Hoffman <paul.hoffman@vpnc.org>
In-Reply-To: <p06240809c7d83f45f613@[10.20.30.158]>
References: <p06240809c7d83f45f613@[10.20.30.158]>
X-Mailer: VM 7.19 under Emacs 21.4.1
X-Edit-Time: 2 min
X-Total-Time: 2 min
Cc: IPsecme WG <ipsec@ietf.org>
Subject: [IPsec] ikev2bis issue #183: Replace "X.509" with "PKIX" throughout?
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 01 Apr 2010 12:28:40 -0000

Paul Hoffman writes:
> We use "X.509" when we probably mean "PKIX". That is, we only care
> about the PKIX profile of X.509, not just the base X.509 spec.
> However, X.509 appears in some of the protocol element names. Can we
> change it throughout to PKIX, or are we stuck with the old name? 

Changing the X.509 to PKIX in the protocol elements does not cause any
changes to the protocol, only to the RFC and IANA registry. If we want
to do this change it is possible. I do not have opinion whether we
should do this change or not, I think people reading RFCs, will
automatically substitute X.509 with PKIX anyways... 
-- 
kivinen@iki.fi