Re: [pkix] I-D Action:draft-ietf-pkix-rfc3161-update-08.txt

[Julien Stern <julien.stern@cryptolog.com>]

Internet-Drafts@ietf.org wrote:
> A New Internet-Draft is available from the on-line Internet-Drafts directories.
> This draft is a work item of the Public-Key Infrastructure (X.509) Working Group of the IETF.
> 
> 
> 	Title           : ESSCertIDv2 update for RFC 3161
> 	Author(s)       : S. Santesson, N. Pope
> 	Filename        : draft-ietf-pkix-rfc3161-update-08.txt
> 	Pages           : 8
> 	Date            : 2009-10-14


Dear all,

Sorry for jumping in late in the discussion.

I disagree with the current proposed addition to the security 
considerations section.

In the various email exchanges on this list as well as on the ESTI ESI 
list, it appears that what is currently under debate is whether the 
ESSCertID is useful from a security standpoint. So people are trying to 
argue about the feasability or the infeasability, as well as the 
practicality and the real-life impact of various certificate 
substitution attacks.

I do not think that this is the point. The point of this update is to 
allow the usage of the ESSCertID v2 (defined in RFC 5035) instead of the 
ESSCertID v1.

I do not think that adding a security consideration that is essentially 
saying "oh, by the way, ESSCertID v2 is essentially useless 
security-wise" when it is meant to be used in S/MIME, PKIX (3161, 5126), 
CAdES, XAdES, PAdES, ECOM, etc fits in such an update. I'm not sure 
either that such an update reflects the largest view of the community...

People are free to believe that ESSCertID (v1 or v2) serves no security 
purpose. Others are free to believe otherwise.

But if the authors truly believe that the ONLY possible attack scenario 
is the one roughly described in the security consideration section, then 
let them prove it. Otherwise, remove the security consideration section. 
(In my humble opinion, it is not correct anyway).

Regards,

--
Julien