Re: draft-ietf-pkix-rfc3770bis-01: OID Import

"David P. Kemp" <dpkemp@missi.ncsc.mil> Fri, 15 April 2005 15:07 UTC


Peter Sylvester wrote:

>We are not talking about pains created by difficulties of correct
>organisation of ASN.1 modules or using current and non-obsolete syntax
>versions.

This gets to the real problem.  If the entire pkix OID registry
(http://www.imc.org/ietf-pkix/pkix-oid.asn) were maintained
as an ASN.1 module and always IMPORTed, this would
eliminate problems caused by importing modules containing both
structures and OIDs when only the OIDs are needed.

Given that there is not yet a "pkix-useful-definitions" module, Russ'
strategy of local definitions is a reasonable workaround:

1) an OID, once assigned, can never change so there is no danger
of an initially-correct copy getting out of sync with the original.
(An OID can be deprecated, but its meaning cannot be modified.)

2) the name assigned to an OID has only local scope, and
many names can be assigned to the same OID without causing
problems (other than confusing readers).   One module can
locally define "id-bogus-aca"  and use that name within the module
and still interoperate successfully with a different module
that IMPORTs "id-aca" from PKIXAttributeCertificate.

Recommendation: create a module containing only PKIX
constant definitions (OIDs, bounds, etc).  Start importing
it into other modules as they are revised for other reasons.
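
Added example, not part of the original message: point 2 holds because only an OID's arcs are DER-encoded, never its ASN.1 name. The two "modules" below are constructed name tables, and the value used for id-aca, { id-pkix 10 }, is taken from RFC 3281 rather than from this message.

```python
# Constructed illustration: OID names are module-local, only the arcs are encoded.
ID_PKIX = (1, 3, 6, 1, 5, 5, 7)  # id-pkix

# Two hypothetical modules binding different local names to the same arcs.
MODULE_A = {"id-aca": ID_PKIX + (10,)}        # name used by PKIXAttributeCertificate
MODULE_B = {"id-bogus-aca": ID_PKIX + (10,)}  # local copy under another name


def _base128(n):
    """Encode one subidentifier, high bit set on every octet but the last."""
    out = [n & 0x7F]
    n >>= 7
    while n:
        out.append((n & 0x7F) | 0x80)
        n >>= 7
    return bytes(reversed(out))


def encode_oid(arcs):
    """DER-encode an OBJECT IDENTIFIER (tag 0x06) from a tuple of arcs."""
    if len(arcs) < 2 or arcs[0] > 2 or (arcs[0] < 2 and arcs[1] > 39):
        raise ValueError("invalid OID arcs: %r" % (arcs,))
    # The first two arcs share one subidentifier: 40 * arc0 + arc1.
    body = _base128(40 * arcs[0] + arcs[1])
    body += b"".join(_base128(a) for a in arcs[2:])
    if len(body) > 127:
        raise ValueError("long-form length is not handled here")
    return b"\x06" + bytes([len(body)]) + body


def decode_oid(der):
    """Decode a short-form DER OBJECT IDENTIFIER back to a tuple of arcs."""
    if len(der) < 3 or der[0] != 0x06 or der[1] != len(der) - 2:
        raise ValueError("not a short-form DER OID")
    if der[-1] & 0x80:
        raise ValueError("truncated final subidentifier")
    subids, value = [], 0
    for octet in der[2:]:
        value = (value << 7) | (octet & 0x7F)
        if not octet & 0x80:  # last octet of this subidentifier
            subids.append(value)
            value = 0
    first = min(subids[0] // 40, 2)
    return (first, subids[0] - 40 * first) + tuple(subids[1:])


if __name__ == "__main__":
    for module in (MODULE_A, MODULE_B):
        for name, arcs in module.items():
            print(name, encode_oid(arcs).hex())
```

Both names print the same encoding, which is why a module with a local definition interoperates with one that IMPORTs the name.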