Re: (Non-PEM) self-signed certificate
"Robert W. Shirey" <shirey@mitre.org> Fri, 11 June 1993 12:43 UTC
Received: from ietf.nri.reston.va.us by IETF.CNRI.Reston.VA.US id aa04634; 11 Jun 93 8:43 EDT
Received: from CNRI.RESTON.VA.US by IETF.CNRI.Reston.VA.US id aa04627; 11 Jun 93 8:43 EDT
Received: from TIS.COM by CNRI.Reston.VA.US id aa08338; 11 Jun 93 8:43 EDT
Received: by TIS.COM (4.1/SUN-5.64) id AA24694; Fri, 11 Jun 93 08:44:50 EDT
Received: from mwunix.mitre.org by TIS.COM (4.1/SUN-5.64) id AA24688; Fri, 11 Jun 93 08:44:48 EDT
Received: from smiley.mitre.org.sit (smiley.mitre.org) by mwunix.mitre.org (5.65c/SMI-2.2) id AA09603; Fri, 11 Jun 1993 08:43:18 -0400
Received: from [128.29.140.100] (shirey-mac.mitre.org) by smiley.mitre.org.sit (4.1/SMI-4.1) id AA15948; Fri, 11 Jun 93 08:42:06 EDT
Message-Id: <9306111242.AA15948@smiley.mitre.org.sit>
Date: Fri, 11 Jun 1993 08:44:04 -0500
To: Hoyt Kesterson <hoyt_kesterson@ppd-smtp.az05.bull.com>, pem-dev@tis.com
Sender: ietf-archive-request@IETF.CNRI.Reston.VA.US
From: "Robert W. Shirey" <shirey@mitre.org>
X-Sender: shirey@128.29.140.20
Subject: Re: (Non-PEM) self-signed certificate
Cc: pem-dev@tis.com
X-Orig-Sender: pem-dev-relay@tis.com
At 12:12 AM 6/11/93 +0000, Hoyt Kesterson wrote: >My opinions come from my work with the OSI Directory group, the creators of the >much referenced X.509. I am only just now coming up to speed on what is >happening in the PEM community. I blissfully assuming that the X.509 intentions >still hold up here. > > hoyt Well, as one of the members of the IRTF's Privacy and Security Research Group, the creators of PEM, I hope the X.509 gang has time to do some reading, especially of RFC 1422, "Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management." Unless we are completely wrong, things are about to start moving fairly fast in the secure mail area. Although we specified use of X.509 certificates, many Internauts have asked for changes. Also, there are definite flaws ("No, sorry old chap, must be a new work item in the next four year cycle.") in CRLs. Also, widespread use of the system will certainly expose other needs, which the IETF will be compelled to act quickly to meet without worrying about asking CCITT. By the by, these are third generation documents, based on more than six years of testing with several independent implementations. Rather a different approach to standards, no? And the following is a refreshingly different way of obtaining copies of standards documents, don't you think? Regards, -Rob- Robert W. Shirey, The MITRE Corporation, Mail Stop Z202 7525 Colshire Dr., McLean, Virginia 22102-3481 USA shirey@mitre.org * tel 703-883-7210 * fax 703-883-1397 ---------------------------------------------------------------------------- ----------- 1424 Kaliski, B. Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services. 1993 February; 9 p. (Format: TXT=17538 bytes) 1423 Balenson, D. Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers. 1993 February; 14 p. (Format: TXT=33278 bytes) (Obsoletes RFC 1115) 1422 Kent, S. Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management. 1993 February; 32 p. (Format: TXT=86086 bytes) (Obsoletes RFC 1114) 1421 Linn, J. Privacy Enhancement for Internet Electronic Mail: Part I: Message Encryption and Authentication Procedures 1993 February; 42 p. (Format: TXT=103895 bytes) (Obsoletes RFC 1113) ---------------------------------------------------------------------------- From: RFC-SERVER@ISI.EDU (RFC-INFO Server) Reply-To: RFC-MANAGER@ISI.EDU (RFC-INFO System Manager) Date: Wed Aug 05 06:21:47 PDT 1992 Where and how to get new RFCs ============================= RFCs may be obtained via EMAIL or FTP from many RFC Repositories. The Primary Repositories will have the RFC available when it is first announced, as will many Secondary Repositories. Some Secondary Repositories may take a few days to make available the most recent RFCs. Primary Repositories: RFCs can be obtained via FTP from NIC.DDN.MIL, FTP.NISC.SRI.COM, NIS.NSF.NET, NISC.JVNC.NET, VENERA.ISI.EDU, WUARCHIVE.WUSTL.EDU, SRC.DOC.IC.AC.UK, or FTP.CONCERT.NET. 1. NIC.DDN.MIL (aka DIIS.DDN.MIL) RFCs can be obtained via FTP from NIC.DDN.MIL, with the pathname rfc/rfcnnnn.txt (where "nnnn" refers to the number of the RFC). Login with FTP username "anonymous" and password "guest". contact: ScottW@NIC.DDN.MIL 2. FTP.NISC.SRI.COM RFCs can be obtained via FTP from FTP.NISC.SRI.COM, with the pathname rfc/rfcnnnn.txt or rfc/rfcnnnn.ps (where "nnnn" refers to the number of the RFC). Login with FTP username "anonymous" and password "guest". To obtain the RFC Index, use the pathname rfc/rfc-index.txt. SRI also provides an automatic mail service for those sites which cannot use FTP. Address the request to MAIL-SERVER@NISC.SRI.COM and in the body of the message indicate the RFC to be sent: "send rfcNNNN" or "send rfcNNNN.ps" where NNNN is the RFC number. Multiple requests may be included in the same message by listing the "send" commands on separate lines. To request the RFC Index, the command should read: send rfc-index. contact: rfc-update@nisc.sri.com 3. NIS.NSF.NET To obtain RFCs from NIS.NSF.NET via FTP, login with username "anonymous" and password "guest"; then connect to the directory of RFCs with cd /internet/documents/rfc. The file name is of the form rfcnnnn.txt (where "nnnn" refers to the RFC number). For sites without FTP capability, electronic mail query is available from NIS.NSF.NET. Address the request to NIS-INFO@NIS.NSF.NET and leave the subject field of the message blank. The first text line of the message must be "send rfcnnnn.txt" with nnnn the RFC number. contact: rfc-mgr@merit.edu 4. NISC.JVNC.NET RFCs can also be obtained via FTP from NISC.JVNC.NET, with the pathname rfc/RFCnnnn.TXT.v (where "nnnn" refers to the number of the RFC and "v" refers to the version number of the RFC). JvNCnet also provides a mail service for those sites which cannot use FTP. Address the request to SENDRFC@JVNC.NET and in the subject field of the message indicate the RFC number, as in "Subject: RFCnnnn" where nnnn is the RFC number. Please note that RFCs whose number are less than 1000 need not place a "0". (For example, RFC932 is fine.) No text in the body of the message is needed. contact: Becker@NISC.JVNC.NET 5. VENERA.ISI.EDU RFCs can be obtained via FTP from VENERA.ISI.EDU, with the pathname in-notes/rfcnnnn.txt (where "nnnn" refers to the number of the RFC). Login with FTP username "anonymous" and password "guest". RFCs can also be obtained via electronic mail from VENERA.ISI.EDU by using the RFC-INFO service. Address the request to "rfc-info@isi.edu" with a message body of: Retrieve: RFC Doc-ID: RFCnnnn (Where "nnnn" refers to the number of the RFC (always use 4 digits - the DOC-ID of RFC-822 is "RFC0822")). The RFC-INFO@ISI.EDU server provides other ways of selecting RFCs based on keywords and such; for more information send a message to "rfc-info@isi.edu" with the message body "help: help". contact: RFC-Manager@ISI.EDU 6. WUARCHIVE.WUSTL.EDU RFCs can also be obtained via FTP from WUARCHIVE.WUSTL.EDU, with the pathname info/rfc/rfcnnnn.txt.Z (where "nnnn" refers to the number of the RFC and "Z" indicates that the document is in compressed form). At WUARCHIVE.WUSTL.EDU the RFCs are in an "archive" file system and various archives can be mounted as part of an NFS file system. Please contact Chris Myers (chris@wugate.wustl.edu) if you want to mount this file system in your NFS. contact: chris@wugate.wustl.edu 7. SRC.DOC.IC.AC.UK RFCs can be obtained via FTP from SRC.DOC.IC.AC.UK with the pathname rfc/rfcnnnn.txt.Z or rfc/rfcnnnn.ps.Z (where "nnnn" refers to the number of the RFC). Login with FTP username "anonymous" and password "your-email-address". To obtain the RFC Index, use the pathname rfc/rfc-index.txt.Z. (The trailing .Z indicates that the document is in compressed form.) SRC.DOC.IC.AC.UK also provides an automatic mail service for those sites in the UK which cannot use FTP. Address the request to info-server@doc.ic.ac.uk with a Subject: line of "wanted" and a message body of: request sources topic path rfc/rfcnnnn.txt.Z request end (Where "nnnn" refers to the number of the RFC.) Multiple requests may be included in the same message by giving multiple "topic path" commands on separate lines. To request the RFC Index, the command should read: topic path rfc/rfc-index.txt.Z The archive is also available using NIFTP and the ISO FTAM system. contact: ukuug-soft@doc.ic.ac.uk 8. FTP.CONCERT.NET To obtain RFCs from FTP.CONCERT.NET via FTP, login with username "anonymous" and your internet e-mail address as password. The RFCs can be found in the directory /rfc, with file names of the form: rfcNNNN.txt or rfcNNNN.ps where NNNN refers to the RFC number. This repository is also accessible via WAIS and the Internet Gopher. contact: rfc-mgr@concert.net ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Secondary Repositories: Sweden ------ Host: sunic.sunet.se Directory: rfc Host: chalmers.se Directory: rfc Germany ------- Site: University of Dortmund Host: walhalla.informatik.uni-dortmund.de Directory: pub/documentation/rfc Notes: RFCs in compressed format France ------ Site: Institut National de la Recherche en Informatique et Automatique (INRIA) Address: info-server@inria.fr Notes: RFCs are available via email to the above address. Info Server manager is Mireille Yamajako (yamajako@inria.fr). Netherlands ----------- Site: EUnet Host: mcsun.eu.net Directory: rfc Notes: RFCs in compressed format. Finland ------- Site: FUNET Host: funet.fi Directory: rfc Notes: RFCs in compressed format. Also provides email access by sending mail to archive-server@funet.fi. Norway ------ Host: ugle.unit.no Directory: pub/rfc Denmark ------- Site: University of Copenhagen Host: ftp.diku.dk (freja.diku.dk) Directory: rfc Australia and Pacific Rim ------------------------- Site: munnari Contact: Robert Elz <kre@cs.mu.OZ.AU> Host: munnari.oz.au Directory: rfc rfc's in compressed format rfcNNNN.Z postscript rfc's rfcNNNN.ps.Z United States ------------- Site: cerfnet Contact: help@cerf.net Host: nic.cerf.net Directory: netinfo/rfc Site: uunet Contact: James Revell <revell@uunet.uu.net> Host: fto.uu.net Directory: inet/rfc United States / Mexico ---------------------- Site: SESQUINET Contact: rfc-mgr@sesqui.net Host: nic.sesqui.net Directory: pub/rfc UUNET Archive ------------- UUNET archive, which includes the RFC's, various IETF documents, and other information regarding the internet, is available to the public via anonymous ftp (to ftp.uu.net) and anonymous uucp, and will be available via an anonymous kermit server soon. Get the file /archive/inet/ls-lR.Z for a listing of these documents. Any site in the US running UUCP may call +1 900 GOT SRCS and use the login "uucp". There is no password. The phone company will bill you at $0.50 per minute for the call. The 900 number only works from within the US. ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Requests for special distribution of RFCs should be addressed to either the author of the RFC in question, to NIC@NIC.DDN.MIL, or to NISC@NISC.SRI.COM. Submissions for Requests for Comments should be sent to POSTEL@ISI.EDU. Please consult RFC 1111, "Instructions to RFC Authors", for further information. Requests to be added to or deleted from this distribution list should be sent to RFC-REQUEST@NIC.DDN.MIL. Changes to this file "rfc-retrieval.txt" should be sent to Joyce K. Reynolds (JKRey@ISI.EDU). ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
- Re: (Non-PEM) self-signed certificate Hoyt Kesterson
- Re: (Non-PEM) self-signed certificate Robert W. Shirey
- Re: (Non-PEM) self-signed certificate Carl Ellison
- Re: (Non-PEM) self-signed certificate Stephen D Crocker
- Re: (Non-PEM) self-signed certificate Carl Ellison