Re: [ldapext] New Version Notification for draft-seantek-ldap-pkcs9-04.txt
Sean Leonard <dev+ietf@seantek.com> Wed, 16 March 2016 14:12 UTC
On 3/16/2016 6:34 AM, Simo Sorce wrote:
> On Tue, 2016-03-15 at 19:11 +0000, Barry Leiba wrote:
>> Yes, I had thought this might wait for a resurrection of an ldapext
>> working group, but that seems to have stalled. I'm happy to
>> AD-sponsor this to get the registration done, but I'd like some review
>> and comment from the LDAP folks, and this is the place for that. Will
>> some of you please take a look at Sean's draft and comment?
> I haven't done proper full review, but I thought aliases was frowned
> upon these days and I see quite a few one(few) char aliases in there,
> why do we need such aliases ?

This draft documents the existing practice of security implementations, including MS CryptoAPI and OpenSSL. This should be evaluated through the lens of "backwards or long-term systems compatibility", not the lens of "these days" (in the LDAP community).

PKIX enabled systems (read: OpenSSL) use LDAP strings (RFC 4514) to serialize and de-serialize the Distinguished Names in certificates. Parity is required and the only registry is the LDAP Parameters / Object Identifier Descriptors registry.

These strings have migrated to cross-systems protocols. See, e.g., draft-martin-authentication-results-tls.

Using "e" for emailAddress = 1.2.840.113549.1.9.1, for example, is simply an historical fact.

This reminds me, I should probably include a note about "gn" (givenName) in a future draft.

Best regards,

Sean

>
> Simo.
>
>> Thanks,
>> Barry, ART AD for another few weeks
>>
>> On Sat, Mar 12, 2016 at 5:23 PM, Sean Leonard <dev+ietf@seantek.com> wrote:
>>> This is a friendly reminder that the LDAP PKCS #9 registration
>>> Internet-Draft is still a live issue.
>>>
>>> Sean
>>>
>>> -------- Forwarded Message --------
>>> Subject: New Version Notification for draft-seantek-ldap-pkcs9-04.txt
>>> Date: Sat, 12 Mar 2016 09:20:32 -0800
>>> From: internet-drafts@ietf.org
>>>
>>>
>>>
>>> A new version of I-D, draft-seantek-ldap-pkcs9-04.txt
>>> has been successfully submitted by Sean Leonard and posted to the
>>> IETF repository.
>>>
>>> Name: draft-seantek-ldap-pkcs9
>>> Revision: 04
>>> Title: Lightweight Directory Access Protocol (LDAP) Registrations
>>> for PKCS #9
>>> Document date: 2016-03-12
>>> Group: Individual Submission
>>> Pages: 7
>>> URL:
>>> https://www.ietf.org/internet-drafts/draft-seantek-ldap-pkcs9-04.txt
>>> Status: https://datatracker.ietf.org/doc/draft-seantek-ldap-pkcs9/
>>> Htmlized: https://tools.ietf.org/html/draft-seantek-ldap-pkcs9-04
>>> Diff:
>>> https://www.ietf.org/rfcdiff?url2=draft-seantek-ldap-pkcs9-04
>>>
>>> Abstract:
>>> PKCS #9 includes several useful definitions that are not yet
>>> reflected in the LDAP IANA registry. This document adds those
>>> definitions to the IANA registry.
>>>
>>> _______________________________________________
>>> Ldapext mailing list
>>> Ldapext@ietf.org
>>> https://www.ietf.org/mailman/listinfo/ldapext
>> _______________________________________________
>> Ldapext mailing list
>> Ldapext@ietf.org
>> https://www.ietf.org/mailman/listinfo/ldapext
>
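
Added example, not part of the message above or of the draft: a Python illustration of why descriptor parity matters when certificate DNs are exchanged as RFC 4514 strings. It resolves the aliases named in the message ("e", "gn") and a few RFC 4514 short names to OIDs so that one DN printed by different implementations compares equal; the function names, the sample DNs and the policy of rejecting unknown descriptors are assumptions.

```python
import re

# Descriptor -> OID. "e"/emailAddress and "gn"/givenName come from the message;
# the other short names are from RFC 4514. Assumed subset, not the full registry.
DESCRIPTORS = {
    "cn": "2.5.4.3", "c": "2.5.4.6", "l": "2.5.4.7", "st": "2.5.4.8",
    "o": "2.5.4.10", "ou": "2.5.4.11",
    "givenname": "2.5.4.42", "gn": "2.5.4.42",
    "emailaddress": "1.2.840.113549.1.9.1", "e": "1.2.840.113549.1.9.1",
}
OID_RE = re.compile(r"\d+(\.\d+)+\Z")

# Constructed sample: one DN as three implementations might print it.
SAMPLES = [
    r"E=alice@example.test,CN=Alice\, A.,O=Example",
    r"emailAddress=alice@example.test, CN=Alice\, A., O=Example",
    r"1.2.840.113549.1.9.1=alice@example.test,cn=Alice\, A.,o=Example",
]

def split_unescaped(text, sep):
    """Split on sep, ignoring occurrences that are backslash-escaped."""
    parts, cur, i = [], "", 0
    while i < len(text):
        if text[i] == "\\" and i + 1 < len(text):
            cur, i = cur + text[i:i + 2], i + 2   # keep the escape pair intact
        elif text[i] == sep:
            parts, cur, i = parts + [cur], "", i + 1
        else:
            cur, i = cur + text[i], i + 1
    return parts + [cur]

def canonical_dn(dn):
    """Return the DN as a list of RDNs, each a sorted tuple of (oid, value)."""
    rdns = []
    for rdn in split_unescaped(dn, ","):
        atvs = []
        for atv in split_unescaped(rdn, "+"):
            name, eq, value = atv.partition("=")
            key = name.strip().lower()
            oid = key if OID_RE.match(key) else DESCRIPTORS.get(key)
            if not eq or oid is None:
                # Fail closed: an unknown alias must not silently match.
                raise ValueError(f"cannot resolve attribute type in {atv!r}")
            atvs.append((oid, value))
        rdns.append(tuple(sorted(atvs)))
    return rdns
```

Values are compared as written here; attribute matching rules (case folding, hex-encoded values) are outside what this example covers.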