Re: [pkix] I-D Action: draft-ietf-pkix-rfc2560bis-20.txt
Stefan Santesson <stefan@aaa-sec.com> Tue, 16 April 2013 08:10 UTC
Return-Path: <stefan@aaa-sec.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A4A9021F967F for <pkix@ietfa.amsl.com>; Tue, 16 Apr 2013 01:10:39 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.249
X-Spam-Level:
X-Spam-Status: No, score=-102.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_SE=0.35, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T85IYGxWeL1T for <pkix@ietfa.amsl.com>; Tue, 16 Apr 2013 01:10:39 -0700 (PDT)
Received: from s87.loopia.se (s87.loopia.se [194.9.95.113]) by ietfa.amsl.com (Postfix) with ESMTP id BA93421F9672 for <pkix@ietf.org>; Tue, 16 Apr 2013 01:10:37 -0700 (PDT)
Received: from s87.loopia.se (localhost [127.0.0.1]) by s87.loopia.se (Postfix) with ESMTP id 6425920DD205 for <pkix@ietf.org>; Tue, 16 Apr 2013 10:10:35 +0200 (CEST)
X-Virus-Scanned: amavisd-new at outgoing-smtp.loopia.se
Received: from s87.loopia.se ([127.0.0.1]) by s87.loopia.se (s87.loopia.se [127.0.0.1]) (amavisd-new, port 10024) with LMTP id vMeVbXKPpUQ5 for <pkix@ietf.org>; Tue, 16 Apr 2013 10:10:35 +0200 (CEST)
Received: from s327.loopia.se (s34.loopia.se [194.9.94.70]) by s87.loopia.se (Postfix) with ESMTP id 095ED20DD1DE for <pkix@ietf.org>; Tue, 16 Apr 2013 10:10:35 +0200 (CEST)
Received: (qmail 36081 invoked from network); 16 Apr 2013 08:10:34 -0000
Received: from gw.aaa-sec.ideon.se (HELO [192.168.1.4]) (stefan@fiddler.nu@[85.235.7.89]) (envelope-sender <stefan@aaa-sec.com>) by s327.loopia.se (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for <rybar@nbusr.sk>; 16 Apr 2013 08:10:34 -0000
User-Agent: Microsoft-MacOutlook/14.3.2.130206
Date: Tue, 16 Apr 2013 10:10:34 +0200
From: Stefan Santesson <stefan@aaa-sec.com>
To: Peter Rybar <rybar@nbusr.sk>
Message-ID: <CD92D31F.60F58%stefan@aaa-sec.com>
Thread-Topic: [pkix] I-D Action: draft-ietf-pkix-rfc2560bis-20.txt
In-Reply-To: <201304160704.r3G74m3b044572@mail.nbusr.sk>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Cc: pkix@ietf.org
Subject: Re: [pkix] I-D Action: draft-ietf-pkix-rfc2560bis-20.txt
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 16 Apr 2013 08:10:39 -0000
We can't include a reference to a private extension at this stage that has not been reviewed by the WG. That does not prevent this extension from being used. Or the IETF from defining a similar extension, possibly based on the one you reference. /Stefan On 4/16/13 9:04 AM, "Peter Rybar" <rybar@nbusr.sk> wrote: >Stefan, >Is it possible to add in the Clause 7.2. "Informative References" >" >[CoPKI] T7 e.V.: Common PKI Specifications for Interoperable >Applications; Version 2.0, 20 January 2009 >" > >And in the Clause 2.2 "Response" add before the first sentence in the >NOTE text: >" >NOTE: The "good" status and the "revoked" status may include in the >SingleResponse singleExtensions CertHash [CoPKI] (Positive Statement) {1 >3 36 8 3 13} the responder may include this extension in a response to >send the hash of the requested certificate to the requestor. This hash >serves as evidence that the certificate is known to the responder (i.e. >it is available in the queried directory) and will be used as means to >provide a positive statement of availability. >" The "revoked" status indicates that a certificate with the ... > >Such text will be helpful to inform implementers about this extension >which is important especially for the "good" status and is defined >outside of this RFC. > >Peter Rybar > >-----Original Message----- >From: pkix-bounces@ietf.org [mailto:pkix-bounces@ietf.org] On Behalf Of >internet-drafts@ietf.org >Sent: Monday, April 15, 2013 6:30 PM >To: i-d-announce@ietf.org >Cc: pkix@ietf.org >Subject: [pkix] I-D Action: draft-ietf-pkix-rfc2560bis-20.txt > > >A New Internet-Draft is available from the on-line Internet-Drafts >directories. > This draft is a work item of the Public-Key Infrastructure (X.509) >Working Group of the IETF. > > Title : X.509 Internet Public Key Infrastructure Online >Certificate Status Protocol - OCSP > Author(s) : Stefan Santesson > Michael Myers > Rich Ankney > Ambarish Malpani > Slava Galperin > Carlisle Adams > Filename : draft-ietf-pkix-rfc2560bis-20.txt > Pages : 44 > Date : 2013-04-15 > >Abstract: > This document specifies a protocol useful in determining the current > status of a digital certificate without requiring CRLs. Additional > mechanisms addressing PKIX operational requirements are specified in > separate documents. This document obsoletes RFC 2560 and RFC 6277, > and updates RFC 5912. > > >The IETF datatracker status page for this draft is: >https://datatracker.ietf.org/doc/draft-ietf-pkix-rfc2560bis > >There's also a htmlized version available at: >http://tools.ietf.org/html/draft-ietf-pkix-rfc2560bis-20 > >A diff from the previous version is available at: >http://www.ietf.org/rfcdiff?url2=draft-ietf-pkix-rfc2560bis-20 > > >Internet-Drafts are also available by anonymous FTP at: >ftp://ftp.ietf.org/internet-drafts/ > >_______________________________________________ >pkix mailing list >pkix@ietf.org >https://www.ietf.org/mailman/listinfo/pkix > >_______________________________________________ >pkix mailing list >pkix@ietf.org >https://www.ietf.org/mailman/listinfo/pkix
- [pkix] I-D Action: draft-ietf-pkix-rfc2560bis-20.… internet-drafts
- Re: [pkix] I-D Action: draft-ietf-pkix-rfc2560bis… Peter Rybar
- Re: [pkix] I-D Action: draft-ietf-pkix-rfc2560bis… Stefan Santesson