RE: Minor OID mistakes in OCSPv2 and the official OID list

"Michael Myers" <myers@coastside.net> Tue, 29 May 2001 21:48 UTC

From: Michael Myers <myers@coastside.net>
To: Russ Housley <ietf-pkix-oid-reg@imc.org>
Cc: ietf-pkix@imc.org
Subject: RE: Minor OID mistakes in OCSPv2 and the official OID list
Date: Tue, 29 May 2001 14:13:42 -0700

Russ,

Good to hear of this.  Thanks.  Any chance for an Informational I-D laying
out the OID structure?  I'm willing to help.

Mike



Michael Myers
t: +415.819.1362
e: mailto:mike@traceroutesecurity.com
w: http://www.traceroutesecurity.com

> -----Original Message-----
> From: Russ Housley [mailto:ietf-pkix-oid-reg@imc.org]
> Sent: Tuesday, May 29, 2001 1:05 PM
> To: myers@coastside.net; mike@traceroutesecurity.com
> Cc: ietf-pkix@imc.org
> Subject: RE: Minor OID mistakes in OCSPv2 and the official OID list
>
>
> Mike:
>
> Temporal Data Authority (TDA) has disappeared from the TSP document. So, no
> OID is needed for it, and it can be re-assigned. We got lucky this time,
> so I did the reassignment.
>
>       id-kp-OCSPSigning OBJECT IDENTIFIER ::= { id-kp 9 }
>
> Please help avoid future collisions!  In the future, any PKIX document
> editor that needs an OID, please send mail to ietf-pkix-oid-reg@imc.org to
> request it.  Do not make a guess at the value that might be assigned!
>
> Regards,
>    Russ
>
>  > >From: "Michael Myers" <myers@coastside.net>
>  > >To: <pgut001@cs.auckland.ac.nz>, <ietf-pkix@imc.org>,
>  > >         <jjacoby@rsasecurity.com>, <myers@coastside.net>
>  > >Subject: RE: Minor OID mistakes in OCSPv2 and the official OID list
>  > >Date: Fri, 18 May 2001 13:01:16 -0700
>  > >
>  > >
>  > >On Saturday, May 19, 2001, at the inspiring hour of 3:30 AM, Peter Gutmann
>  > >advised:
>  > >
>  > > > Given that there are already certs (and lots of software)
>  > > > out there which use the current OID, wouldn't it be better
>  > > > to relocate temporalDataAuthority (what is that anyway?
>  > > > Does anyone use it? It looks like an oddly-named TSA OID).
>  > > >
>  > > > (Given that the OCSP OID is already in active use, I suspect
>  > > > {id-kp 9} will remain "the OCSP OID" even if it's officially
>  > > > reassigned, thus my comment that it's going to be easier for
>  > > > Mohammed to go to the mountain).
>  > > >
>  > > > Peter.
>  > >
>  > >Peter,
>  > >
>  > >Certainly a more pragmatic approach.  As a consequence I've spent some time
>  > >today searching across the various current and historical IETF work products
>  > >to do kind of an environmental impact assessment of simply re-labelling
>  > >{id-kp 9} from "id-kp-temporalDataAuthority" to "id-kp-OCSPSigning".
>  > >
>  > >As it turns out, the notion of a Temporal Data Authority (TDA) and a
>  > >corresponding {id-kp 9} definition was introduced at least by
>  > >http://www.ietf.org/proceedings/99jul/I-D/draft-ietf-pkix-time-stamp-02.txt.
>  > >However, by the -14 edition the concept went away:
>  > >http://www.ietf.org/internet-drafts/draft-ietf-pkix-time-stamp-14.txt.
>  > >
>  > >So the path seems clear to redefine {id-kp 9} as id-kp-OCSPSigning with no
>  > >impact to timestamping implementors.  Doing so would benefit standing OCSP
>  > >implementations but does not excuse the OCSP authors, myself included, from
>  > >a swift kick in the butt for failing to coordinate across the WG on this
>  > >point.
>  > >
>  > >Incidentally, it might be useful to produce the relevant OID list into a
>  > >PKIX work product so that once PKIX wraps clues are left behind how the
>  > >pieces are supposed to bolt together.
>  > >
>  > >Mike
>  > >
>  > >
>  > >Michael Myers
>  > >t: +415.819.1362
>  > >e: mailto:mike@traceroutesecurity.com
>  > >w: http://www.traceroutesecurity.com
>
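
Added example, not part of the original thread or of any PKIX document: a check an editor could run over ASN.1 OID value assignments to catch two names landing on the same arc, as happened with { id-kp 9 }. The module text is a constructed sample using the standard id-pkix and id-kp arc values, and the function names parse_oids, find_collisions and der_oid are chosen here for illustration.

```python
import re
from collections import defaultdict

# Constructed sample (not from the thread): two names claim { id-kp 9 }.
SAMPLE = """
id-pkix OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) dod(6)
                                internet(1) security(5) mechanisms(5) pkix(7) }
id-kp                       OBJECT IDENTIFIER ::= { id-pkix 3 }
id-kp-timeStamping          OBJECT IDENTIFIER ::= { id-kp 8 }
id-kp-temporalDataAuthority OBJECT IDENTIFIER ::= { id-kp 9 }
id-kp-OCSPSigning           OBJECT IDENTIFIER ::= { id-kp 9 }
"""
ASSIGN = re.compile(
    r"^\s*([A-Za-z][\w-]*)\s+OBJECT\s+IDENTIFIER\s*::=\s*\{([^}]*)\}", re.M)
ARC = re.compile(r"(\d+)|[A-Za-z][\w-]*\((\d+)\)")   # "9" or "pkix(7)"

def parse_oids(text):
    """Return {name: tuple of arcs} for every OID value assignment."""
    raw = {name: body.split() for name, body in ASSIGN.findall(text)}
    def resolve(name, seen=()):
        if name in seen or name not in raw:
            raise ValueError(f"unresolvable OID reference: {name}")
        toks, arcs = raw[name], []
        if toks and not ARC.fullmatch(toks[0]):   # leading reference to a parent
            arcs, toks = list(resolve(toks[0], seen + (name,))), toks[1:]
        for tok in toks:
            if not (m := ARC.fullmatch(tok)):
                raise ValueError(f"bad arc {tok!r} in {name}")
            arcs.append(int(m.group(1) or m.group(2)))
        return tuple(arcs)
    return {name: resolve(name) for name in raw}

def find_collisions(text):
    """Return {dotted OID: [names]} for OIDs assigned to more than one name."""
    by_arcs = defaultdict(list)
    for name, arcs in parse_oids(text).items():
        by_arcs[arcs].append(name)
    return {".".join(map(str, a)): n for a, n in by_arcs.items() if len(n) > 1}

def der_oid(arcs):
    """DER-encode an OID (tag 0x06; short-form length, body under 128 bytes)."""
    body = bytearray()
    for v in (40 * arcs[0] + arcs[1], *arcs[2:]):
        chunk = [v & 0x7F]                 # base-128, last byte has high bit clear
        while v > 0x7F:
            v >>= 7
            chunk.append(0x80 | (v & 0x7F))
        body.extend(reversed(chunk))
    return bytes([0x06, len(body)]) + bytes(body)
```

Only the arcs are encoded in a certificate's extended key usage, so both names in the sample produce the same DER bytes and a relying party cannot tell which meaning the issuer intended.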