Re: Last Call summary for draft-ietf-pkix-cert-utf8

Russ Housley <housley@vigilsec.com> Thu, 13 April 2006 14:50 UTC

Date: Thu, 13 Apr 2006 09:54:04 -0400
To: Denis Pinkas <denis.pinkas@bull.net>, ietf-pkix@imc.org
From: Russ Housley <housley@vigilsec.com>
Subject: Re: Last Call summary for draft-ietf-pkix-cert-utf8
Cc: iesg@ietf.org

Denis:

Jim is raising a concern that the SHOULD NOT in your proposed text
cannot be tested.  What would you say in an interoperability report
to state conformance?  I believe that Jim is advocating something like:

   Two different subject names might appear (using the same font or
   different fonts) to have the same or close visual representations, thus
   before assigning a subject name to an entity, a CA ought to make an
   effort to avoid assigning a new subject a name that has the same or a
   similar visual representation to names that it has already assigned
   to other certificate subjects.

Russ


At 12:58 PM 4/12/2006, Denis Pinkas wrote:
> >If you want to have a SHALL NOT or a SHOULD NOT in this statement, please
> >provide me an algorithm that I can give to a CA to do this enforcement.
>
>It was stated at the IETF in Paris that there was no perfect solution
>to this problem.
>
>Sam said that there is no consensus to make a specific recommendation
>for mitigating this risk. I agree. Hence, we are not going to provide
>any algorithm. The way to solve this issue is the problem of the CA.
>The requirement remains.