Re: draft-ietf-pkix-rfc3770bis-01: OID Import
Peter Sylvester <Peter.Sylvester@edelweb.fr> Fri, 15 April 2005 09:01 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id FAA09210 for <pkix-archive@lists.ietf.org>; Fri, 15 Apr 2005 05:01:31 -0400 (EDT)
Received: from above.proper.com (localhost.vpnc.org [127.0.0.1]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j3F8PKp1083822; Fri, 15 Apr 2005 01:25:20 -0700 (PDT) (envelope-from owner-ietf-pkix@mail.imc.org)
Received: (from majordom@localhost) by above.proper.com (8.12.11/8.12.9/Submit) id j3F8PKqo083821; Fri, 15 Apr 2005 01:25:20 -0700 (PDT)
X-Authentication-Warning: above.proper.com: majordom set sender to owner-ietf-pkix@mail.imc.org using -f
Received: from edelweb.fr (edelweb.fr [212.234.46.16]) by above.proper.com (8.12.11/8.12.9) with ESMTP id j3F8PIMf083805 for <ietf-pkix@imc.org>; Fri, 15 Apr 2005 01:25:18 -0700 (PDT) (envelope-from Peter.Sylvester@edelweb.fr)
Received: from chandon.edelweb.fr (localhost [127.0.0.1]) by edelweb.fr (8.11.7p1+Sun/8.11.7) with ESMTP id j3F8PHn07998; Fri, 15 Apr 2005 10:25:17 +0200 (MEST)
Received: from chandon.edelweb.fr (chandon.edelweb.fr [193.51.14.162]) by edelweb.fr (nospam/2.0); Fri, 15 Apr 2005 10:25:17 +0200 (MET DST)
Received: (from peter@localhost) by chandon.edelweb.fr (8.11.7p1+Sun/8.11.7) id j3F8PGB03451; Fri, 15 Apr 2005 10:25:16 +0200 (MEST)
Date: Fri, 15 Apr 2005 10:25:16 +0200
From: Peter Sylvester <Peter.Sylvester@edelweb.fr>
Message-Id: <200504150825.j3F8PGB03451@chandon.edelweb.fr>
To: Peter.Sylvester@edelweb.fr, housley@vigilsec.com
Subject: Re: draft-ietf-pkix-rfc3770bis-01: OID Import
Cc: ietf-pkix@imc.org
X-Sun-Charset: US-ASCII
Sender: owner-ietf-pkix@mail.imc.org
Precedence: bulk
List-Archive: <http://www.imc.org/ietf-pkix/mail-archive/>
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: <mailto:ietf-pkix-request@imc.org?body=unsubscribe>
> > > >Now you say that it is not a matter of taste. > > No. I shared the reason that I prefer to include the OIDs rather than > IMPORTing them. They both work. I say that what you give as a reason is not a matter of taste. And your reasoning tries to just justify technical hack. What you are technically doing is to define a new element in the pkix kp arc in this module. I have not see that you have obtained authorisation to do this from the owner of the pkix kp arc. > >By the way, further down the example is an import of something that is NOT > >SIMPLE. > > > >Using this technique requires to keep track of all copies, and IF a > >copied definitions changes slightly in the main definition module > >THEN you get inconsistencies. > > True. Neither of the alternatives is perfect. They have different kinds > of pain. There is nothing wrong in IMPORT in this particular case. IMO it is PERFECTLY in line with all (what I know) of ASN1 etc. We are not etalking about pains created by difficulties of correct organisation of ASN.1 modules or using current and non-obsolete syntax versions. > > > I have had to make edits to old ASN.1 modules to avoid errors that are > > > introduced when one modules imports stuff from another that imports stuff > > > from another that imports stuff from another. The changes are almost > > > always in parts that are not needed for the part that is needed. I'll > > give > > > a recent example. > > > > > > RFC 2634 imports from CMS. The ASN.1 module says: > > > > > > -- RFC 2630: Cryptographic Message Syntax (CMS) > > > ContentType, IssuerAndSerialNumber, SubjectKeyIdentifier > > > FROM CryptographicMessageSyntax > > > { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) > > > pkcs-9(9) smime(16) modules(0) cms(1) } > > > > > > I needed to change this to: > > > > > > -- RFC 3852: Cryptographic Message Syntax (CMS) > > > ContentType, IssuerAndSerialNumber, SubjectKeyIdentifier > > > FROM CryptographicMessageSyntax2004 > > > { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) > > > pkcs-9(9) smime(16) modules(0) cms-2004(24) } > > > > > > Why? It did not have anything to do with ContentType, > > > IssuerAndSerialNumber, or SubjectKeyIdentifier. It had to do with > > > something else in the RFC 2630 module. > > > >Do you mean the usage of 'Name' which is used in IssuerAndSerialNumber? > >You don't change the definition of a module. You make a new one. > >I don't see the point. > > This module also had in import from RFC 3280, and the RFC 2634 imported > from RFC 2630, which had an import from RFC 2459, there was some > conflict. I do not recall more detail than that. By shifting the import > to RFC 3852, the subordinate import shifted to RFC 3280, resolving the > conflict. Sorry, arguments that are not explained have no meaning to me. Anyway, if there was a problem and a REAL conflict, i.e. a different definition, then duplication of the elements using same name would have created more problems because you don't keep track. if in your case the definitions do not change, I don't see why you need to import then from a different place.
- Re: draft-ietf-pkix-rfc3770bis-01: OID Import Peter Sylvester
- Re: draft-ietf-pkix-rfc3770bis-01: OID Import Peter Sylvester
- Re: draft-ietf-pkix-rfc3770bis-01: OID Import Russ Housley
- Re: draft-ietf-pkix-rfc3770bis-01: OID Import David P. Kemp
- Re: draft-ietf-pkix-rfc3770bis-01: OID Import Peter Sylvester