Re: [pkix] New Version Notification for draft-wallace-est-alt-challenge-00.txt

Sean Turner <sean@sn3rd.com> Thu, 01 October 2015 02:16 UTC

Short to the point - seems like a fine candidate to AD sponsor.  Only one question/comment: 

Don't you need to say which of the DirectoryString choices you’ve got to support?  In other words, don’t you need to include something along the following lines (similar to what’s in RFC 2985):

   These attribute values generated in accordance with this document
   SHOULD use the PrintableString encoding whenever possible.
   If internationalization issues make this impossible, the UTF8String
   alternative SHOULD be used.  Attribute processing systems MUST
   be able to recognize and process all string types in DirectoryString
   values.

Note I’m not suggesting the above is correct just that it’s similar to what’s in RFC 2985.

spt

On Sep 30, 2015, at 06:47, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:

> 
> Folks,
> 
> Carl and Max have asked me to AD sponsor this draft. Since it
> seems like it's almost a bug fix, I'll probably go ahead and
> do that if there are no significant objections here in the next
> couple of weeks (say by Oct 15).
> 
> So if you care about EST, please take a look (it's only 8 pages)
> and say what you think.
> 
> Thanks,
> Stephen.
> 
> On 04/08/15 12:34, Carl Wallace wrote:
>> The draft referenced below may be of interest to some on this list. It
>> defines some new OIDs to disambiguate existing EST challengePassword
>> attribute usage from PKCS #9/legacy usage and defines a new OID to convey
>> a one-time password as an additional value or alternative to the
>> tls-unique mechanism defined in EST.
>> 
>> On 8/3/15, 2:35 PM, "internet-drafts@ietf.org" <internet-drafts@ietf.org>
>> wrote:
>> 
>>> 
>>> A new version of I-D, draft-wallace-est-alt-challenge-00.txt
>>> has been successfully submitted by Carl Wallace and posted to the
>>> IETF repository.
>>> 
>>> Name:		draft-wallace-est-alt-challenge
>>> Revision:	00
>>> Title:		Alternative Challenge Password Attributes for Enrollment over
>>> Secure Transport
>>> Document date:	2015-08-03
>>> Group:		Individual Submission
>>> Pages:		9
>>> URL:            https://www.ietf.org/internet-drafts/draft-wallace-est-alt-challenge-00.txt
>>> Status:         https://datatracker.ietf.org/doc/draft-wallace-est-alt-challenge/
>>> Htmlized:       https://tools.ietf.org/html/draft-wallace-est-alt-challenge-00
>>> 
>>> 
>>> Abstract:
>>>  This document defines a set of new Certificate Signing Request
>>>  attributes for use with the Enrollment over Secure Transport (EST)
>>>  protocol.  These attributes provide disambiguation of the existing
>>>  overloaded uses for the PKCS #9 challengePassword attribute.  Uses
>>>  include the original certificate revocation password, common
>>>  authentication password uses, and EST defined linking of transport
>>>  security identity.
>>> 
>>> 
>>> 
>>> 
>>> 
>>> Please note that it may take a couple of minutes from the time of
>>> submission
>>> until the htmlized version and diff are available at tools.ietf.org.
>>> 
>>> The IETF Secretariat
>>> 
>> 
>> 
>> 
>> 
> 
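
The RFC 2985-style rule quoted in the reply at the top of this message (emit PrintableString when possible, fall back to UTF8String, accept every DirectoryString type on input), sketched in Python as an added example that is not part of the thread, the draft or RFC 2985. The function names are hypothetical, and decoding TeletexString as Latin-1 is a simplifying assumption.

```python
import string

# Added illustration. DirectoryString CHOICE alternatives keyed by DER tag.
DIRECTORY_STRING_CODECS = {
    0x0C: "utf-8",      # UTF8String
    0x13: "ascii",      # PrintableString
    0x14: "latin-1",    # TeletexString (assumption: T.61 treated as Latin-1)
    0x1C: "utf-32-be",  # UniversalString
    0x1E: "utf-16-be",  # BMPString
}
PRINTABLE = set(string.ascii_letters + string.digits + " '()+,-./:=?")

def _der_length(n):
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body

def encode_directory_string(value):
    """PrintableString when every character allows it, else UTF8String."""
    if not value:
        raise ValueError("DirectoryString is SIZE (1..MAX)")
    if all(ch in PRINTABLE for ch in value):
        tag, raw = 0x13, value.encode("ascii")
    else:
        tag, raw = 0x0C, value.encode("utf-8")
    return bytes([tag]) + _der_length(len(raw)) + raw

def decode_directory_string(der):
    """Accept any of the five DirectoryString types; reject everything else."""
    if len(der) < 2 or der[0] not in DIRECTORY_STRING_CODECS:
        raise ValueError("not a DirectoryString")
    first = der[1]
    if first < 0x80:
        length, offset = first, 2
    else:
        n = first & 0x7F
        if n == 0 or len(der) < 2 + n:
            raise ValueError("bad length")
        length, offset = int.from_bytes(der[2:2 + n], "big"), 2 + n
    raw = der[offset:]
    if len(raw) != length:
        raise ValueError("length does not match content")
    text = raw.decode(DIRECTORY_STRING_CODECS[der[0]])
    if der[0] == 0x13 and not all(ch in PRINTABLE for ch in text):
        raise ValueError("illegal character in PrintableString")
    return text
```

A receiver that compares a challenge or one-time password should compare the decoded text, since the same password can legitimately arrive under different string tags.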