Re: [Netconf] regarding keystore and related drafts
Qin Wu <bill.wu@huawei.com> Thu, 08 March 2018 01:26 UTC
Return-Path: <bill.wu@huawei.com>
X-Original-To: netconf@ietfa.amsl.com
Delivered-To: netconf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6B7A51200E5 for <netconf@ietfa.amsl.com>; Wed, 7 Mar 2018 17:26:47 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.231
X-Spam-Level:
X-Spam-Status: No, score=-4.231 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_MSPIKE_H3=-0.01, RCVD_IN_MSPIKE_WL=-0.01, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SfcKC6x1yCKr for <netconf@ietfa.amsl.com>; Wed, 7 Mar 2018 17:26:46 -0800 (PST)
Received: from huawei.com (lhrrgout.huawei.com [194.213.3.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2F97912008A for <netconf@ietf.org>; Wed, 7 Mar 2018 17:26:46 -0800 (PST)
Received: from lhreml702-cah.china.huawei.com (unknown [172.18.7.106]) by Forcepoint Email with ESMTP id D7EBC2E031AA3 for <netconf@ietf.org>; Thu, 8 Mar 2018 01:26:42 +0000 (GMT)
Received: from NKGEML414-HUB.china.huawei.com (10.98.56.75) by lhreml702-cah.china.huawei.com (10.201.108.43) with Microsoft SMTP Server (TLS) id 14.3.382.0; Thu, 8 Mar 2018 01:26:44 +0000
Received: from NKGEML513-MBS.china.huawei.com ([169.254.2.231]) by nkgeml414-hub.china.huawei.com ([10.98.56.75]) with mapi id 14.03.0361.001; Thu, 8 Mar 2018 09:26:38 +0800
From: Qin Wu <bill.wu@huawei.com>
To: Kent Watsen <kwatsen@juniper.net>, "netconf@ietf.org" <netconf@ietf.org>
Thread-Topic: regarding keystore and related drafts
Thread-Index: AQHTtM10Ic3/bywG8UKTrdOWuVfDLqPFh27g
Date: Thu, 08 Mar 2018 01:26:37 +0000
Message-ID: <B8F9A780D330094D99AF023C5877DABA9AD7B730@nkgeml513-mbs.china.huawei.com>
References: <A5CA2680-30CE-4135-9692-7064FC7C9B15@juniper.net>
In-Reply-To: <A5CA2680-30CE-4135-9692-7064FC7C9B15@juniper.net>
Accept-Language: zh-CN, en-US
Content-Language: zh-CN
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.136.79.67]
Content-Type: text/plain; charset="gb2312"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-CFilter-Loop: Reflected
Archived-At: <https://mailarchive.ietf.org/arch/msg/netconf/jGcn2dfq44UjMDqPRN2XMuhPNtk>
Subject: Re: [Netconf] regarding keystore and related drafts
X-BeenThere: netconf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Network Configuration WG mailing list <netconf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/netconf>, <mailto:netconf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/netconf/>
List-Post: <mailto:netconf@ietf.org>
List-Help: <mailto:netconf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/netconf>, <mailto:netconf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 08 Mar 2018 01:26:47 -0000
Hi, Kent: Interesting drafts, for crypto types, is it designed for application requiring asymmetric key. I see RFC8177 works for application requiring symmetric key. Would it be great to see crypto types covers all application requiring asymmetric key. For trust anchors, I think this draft is more related to certificates, Do we need to consider certificate file format, e.g., PEM(text format), DER(Binary format) Have we considered different certificate-type,e.g., built in ca certificate, ca issued certificate, local stored certificate, etc. -Qin -----邮件原件----- 发件人: Netconf [mailto:netconf-bounces@ietf.org] 代表 Kent Watsen 发送时间: 2018年3月6日 6:01 收件人: netconf@ietf.org 主题: [Netconf] regarding keystore and related drafts As I recall, we left off with a general dissatisfaction with the keystore module's name and scope of content. A couple of the larger issues were: - why call it "keystore" when it no longer stores keys? - should we factor out the crypto types into a module of its own? So, with this in mind, I just submitted the following two I-Ds as candidate replacements for draft-ietf-netconf-keystore: https://tools.ietf.org/html/draft-kwatsen-netconf-trust-anchors-00 https://tools.ietf.org/html/draft-kwatsen-netconf-crypto-types-00 Comments? We can also discuss this idea some during the meeting in London. Kent // contributor _______________________________________________ Netconf mailing list Netconf@ietf.org https://www.ietf.org/mailman/listinfo/netconf
- [Netconf] regarding keystore and related drafts Kent Watsen
- Re: [Netconf] regarding keystore and related draf… Qin Wu
- Re: [Netconf] regarding keystore and related draf… Kent Watsen
- Re: [Netconf] regarding keystore and related draf… Qin Wu
- Re: [Netconf] regarding keystore and related draf… Kent Watsen
- Re: [Netconf] regarding keystore and related draf… Qin Wu