Re: (Non-PEM) self-signed certificate

["Robert W. Shirey" <shirey@mitre.org>]

At 12:12 AM 6/11/93 +0000, Hoyt Kesterson wrote:

>My opinions come from my work with the OSI Directory group, the creators of the
>much referenced X.509. I am only just now coming up to speed on what is
>happening in the PEM community. I blissfully assuming that the X.509 intentions
>still hold up here. 
>
>   hoyt

Well, as one of the members of the IRTF's Privacy and Security Research
Group, the creators of PEM, I hope the X.509 gang has time to do some
reading, especially of RFC 1422, "Privacy Enhancement for Internet
Electronic Mail: Part II: Certificate-Based Key Management."  Unless we are
completely wrong, things are about to start moving fairly fast in the
secure mail area.

Although we specified use of X.509 certificates, many Internauts have asked
for changes.  Also, there are definite flaws ("No, sorry old chap, must be
a new work item in the next four year cycle.") in CRLs.  Also, widespread
use of the system will certainly expose other needs, which the IETF will be
compelled to act quickly to meet without worrying about asking CCITT.  By
the by, these are  third generation documents, based on more than six years
of testing with several independent implementations.  Rather a different
approach to standards, no?  And the following is a refreshingly different
way of obtaining copies of standards documents, don't you think?

Regards, -Rob-

Robert W. Shirey, The MITRE Corporation, Mail Stop Z202
7525 Colshire Dr., McLean, Virginia  22102-3481  USA
shirey@mitre.org * tel 703-883-7210 * fax 703-883-1397

----------------------------------------------------------------------------
-----------

1424  Kaliski, B.  Privacy Enhancement for Internet Electronic Mail: Part IV:
      Key Certification and Related Services.  1993 February; 9 p. (Format: 
      TXT=17538 bytes)

1423  Balenson, D.  Privacy Enhancement for Internet Electronic Mail: Part 
      III: Algorithms, Modes, and Identifiers.  1993 February; 14 p. (Format: 
      TXT=33278 bytes)  (Obsoletes RFC 1115)

1422  Kent, S.  Privacy Enhancement for Internet Electronic Mail: Part II: 
      Certificate-Based Key Management.  1993 February; 32 p. (Format: 
      TXT=86086 bytes)  (Obsoletes RFC 1114)

1421  Linn, J.  Privacy Enhancement for Internet Electronic Mail: Part I: 
      Message Encryption and Authentication Procedures  1993 February; 42 p. 
      (Format: TXT=103895 bytes)  (Obsoletes RFC 1113)
----------------------------------------------------------------------------


From: RFC-SERVER@ISI.EDU (RFC-INFO Server)
Reply-To: RFC-MANAGER@ISI.EDU (RFC-INFO System Manager)
Date: Wed Aug 05 06:21:47 PDT 1992

Where and how to get new RFCs
=============================

RFCs may be obtained via EMAIL or FTP from many RFC Repositories. The
Primary Repositories will have the RFC available when it is first
announced, as will many Secondary Repositories. Some Secondary Repositories
may take a few days to make available the most recent RFCs.

Primary Repositories:


RFCs can be obtained via FTP from NIC.DDN.MIL, FTP.NISC.SRI.COM,
NIS.NSF.NET, NISC.JVNC.NET, VENERA.ISI.EDU, WUARCHIVE.WUSTL.EDU,
SRC.DOC.IC.AC.UK, or FTP.CONCERT.NET.

1. NIC.DDN.MIL (aka DIIS.DDN.MIL)

RFCs can be obtained via FTP from NIC.DDN.MIL, with the pathname
rfc/rfcnnnn.txt (where "nnnn" refers to the number of the RFC). Login with
FTP username "anonymous" and password "guest". 

contact: ScottW@NIC.DDN.MIL


2. FTP.NISC.SRI.COM

RFCs can be obtained via FTP from FTP.NISC.SRI.COM, with the pathname
rfc/rfcnnnn.txt or rfc/rfcnnnn.ps (where "nnnn" refers to the number of the
RFC). Login with FTP username "anonymous" and password "guest". To obtain
the RFC Index, use the pathname rfc/rfc-index.txt. 

SRI also provides an automatic mail service for those sites which cannot
use FTP. Address the request to MAIL-SERVER@NISC.SRI.COM and in the body of
the message indicate the RFC to be sent: "send rfcNNNN" or "send
rfcNNNN.ps" where NNNN is the RFC number. Multiple requests may be included
in the same message by listing the "send" commands on separate lines. To
request the RFC Index, the command should read: send rfc-index.

contact: rfc-update@nisc.sri.com


3. NIS.NSF.NET

To obtain RFCs from NIS.NSF.NET via FTP, login with username "anonymous"
and password "guest"; then connect to the directory of RFCs with cd
/internet/documents/rfc. The file name is of the form rfcnnnn.txt (where
"nnnn" refers to the RFC number). 

For sites without FTP capability, electronic mail query is available from
NIS.NSF.NET. Address the request to NIS-INFO@NIS.NSF.NET and leave the
subject field of the message blank. The first text line of the message must
be "send rfcnnnn.txt" with nnnn the RFC number. 

contact: rfc-mgr@merit.edu


4. NISC.JVNC.NET

RFCs can also be obtained via FTP from NISC.JVNC.NET, with the pathname
rfc/RFCnnnn.TXT.v (where "nnnn" refers to the number of the RFC and "v"
refers to the version number of the RFC). 

JvNCnet also provides a mail service for those sites which cannot use FTP.
Address the request to SENDRFC@JVNC.NET and in the subject field of the
message indicate the RFC number, as in "Subject: RFCnnnn" where nnnn is the
RFC number. Please note that RFCs whose number are less than 1000 need not
place a "0". (For example, RFC932 is fine.) No text in the body of the
message is needed. 

contact: Becker@NISC.JVNC.NET


5. VENERA.ISI.EDU

RFCs can be obtained via FTP from VENERA.ISI.EDU, with the pathname
in-notes/rfcnnnn.txt (where "nnnn" refers to the number of the RFC). Login
with FTP username "anonymous" and password "guest". 

RFCs can also be obtained via electronic mail from VENERA.ISI.EDU by using
the RFC-INFO service. Address the request to "rfc-info@isi.edu" with a
message body of:

        Retrieve: RFC
         Doc-ID: RFCnnnn

(Where "nnnn" refers to the number of the RFC (always use 4 digits - the
DOC-ID of RFC-822 is "RFC0822")). The RFC-INFO@ISI.EDU server provides
other ways of selecting RFCs based on keywords and such; for more
information send a message to "rfc-info@isi.edu" with the message body
"help: help".

contact: RFC-Manager@ISI.EDU


6. WUARCHIVE.WUSTL.EDU

RFCs can also be obtained via FTP from WUARCHIVE.WUSTL.EDU, with the
pathname info/rfc/rfcnnnn.txt.Z (where "nnnn" refers to the number of the
RFC and "Z" indicates that the document is in compressed form). 

At WUARCHIVE.WUSTL.EDU the RFCs are in an "archive" file system and various
archives can be mounted as part of an NFS file system. Please contact Chris
Myers (chris@wugate.wustl.edu) if you want to mount this file system in
your NFS.

contact: chris@wugate.wustl.edu


7. SRC.DOC.IC.AC.UK

RFCs can be obtained via FTP from SRC.DOC.IC.AC.UK with the pathname
rfc/rfcnnnn.txt.Z or rfc/rfcnnnn.ps.Z (where "nnnn" refers to the number of
the RFC). Login with FTP username "anonymous" and password
"your-email-address". To obtain the RFC Index, use the pathname
rfc/rfc-index.txt.Z. (The trailing .Z indicates that the document is in
compressed form.)

SRC.DOC.IC.AC.UK also provides an automatic mail service for those sites in
the UK which cannot use FTP. Address the request to
info-server@doc.ic.ac.uk with a Subject: line of "wanted" and a message
body of:

request sources
topic path rfc/rfcnnnn.txt.Z
request end

(Where "nnnn" refers to the number of the RFC.) Multiple requests may be
included in the same message by giving multiple "topic path" commands on
separate lines. To request the RFC Index, the command should read: topic
path rfc/rfc-index.txt.Z 

The archive is also available using NIFTP and the ISO FTAM system. 

contact: ukuug-soft@doc.ic.ac.uk


8. FTP.CONCERT.NET

To obtain RFCs from FTP.CONCERT.NET via FTP, login with username
"anonymous" and your internet e-mail address as password. The RFCs can be
found in the directory /rfc, with file names of the form: rfcNNNN.txt or
rfcNNNN.ps where NNNN refers to the RFC number. 

This repository is also accessible via WAIS and the Internet Gopher. 

contact: rfc-mgr@concert.net


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

Secondary Repositories:


Sweden
------
        Host:           sunic.sunet.se
        Directory:      rfc

        Host:           chalmers.se
        Directory:      rfc


Germany
-------
        Site:           University of Dortmund
        Host:           walhalla.informatik.uni-dortmund.de     Directory: 
    pub/documentation/rfc
        Notes:          RFCs in compressed format


France
------
        Site:           Institut National de la Recherche en Informatique  
                    et Automatique (INRIA)
        Address:        info-server@inria.fr
        Notes:          RFCs are available via email to the above          
            address. Info Server manager is Mireille                       
Yamajako (yamajako@inria.fr).


Netherlands
-----------
        Site:           EUnet
        Host:           mcsun.eu.net
        Directory:      rfc
        Notes:          RFCs in compressed format.


Finland
-------
        Site:           FUNET
        Host:           funet.fi
        Directory:      rfc
        Notes:          RFCs in compressed format. Also provides           
            email access by sending mail to
                        archive-server@funet.fi.


Norway
------
        Host:           ugle.unit.no
        Directory:      pub/rfc


Denmark
-------
        Site:           University of Copenhagen
        Host:           ftp.diku.dk (freja.diku.dk)
        Directory:      rfc


Australia and Pacific Rim
-------------------------

        Site:           munnari
        Contact:        Robert Elz <kre@cs.mu.OZ.AU>
        Host:           munnari.oz.au
        Directory:      rfc
                        rfc's in compressed format rfcNNNN.Z
                        postscript rfc's rfcNNNN.ps.Z


United States
-------------

        Site:   cerfnet
Contact:        help@cerf.net
        Host:   nic.cerf.net
Directory:      netinfo/rfc


        Site:   uunet
Contact:        James Revell <revell@uunet.uu.net>
Host:   fto.uu.net
Directory:      inet/rfc


United States / Mexico
----------------------

        Site:   SESQUINET
        Contact:        rfc-mgr@sesqui.net
        Host:   nic.sesqui.net
        Directory:      pub/rfc


UUNET Archive
-------------

UUNET archive, which includes the RFC's, various IETF documents, and other
information regarding the internet, is available to the public via
anonymous ftp (to ftp.uu.net) and anonymous uucp, and will be available via
an anonymous kermit server soon. Get the file /archive/inet/ls-lR.Z for a
listing of these documents. 

Any site in the US running UUCP may call +1 900 GOT SRCS and use the login
"uucp". There is no password. The phone company will bill you at $0.50 per
minute for the call. The 900 number only works from within the US.


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ 

Requests for special distribution of RFCs should be addressed to either the
author of the RFC in question, to NIC@NIC.DDN.MIL, or to NISC@NISC.SRI.COM.

Submissions for Requests for Comments should be sent to POSTEL@ISI.EDU.
Please consult RFC 1111, "Instructions to RFC Authors", for further
information.

Requests to be added to or deleted from this distribution list should be
sent to RFC-REQUEST@NIC.DDN.MIL.

Changes to this file "rfc-retrieval.txt" should be sent to Joyce K.
Reynolds (JKRey@ISI.EDU).

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~