Re: [pkix] [Technical Errata Reported] RFC5912 (3623)

Carl Wallace <carl@redhoundsoftware.com> Thu, 16 May 2013 15:37 UTC

From: Carl Wallace <carl@redhoundsoftware.com>
Date: Thu, 16 May 2013 11:37:05 -0400
To: Jim Schaad <jimsch@augustcellars.com>
Cc: "<stefan@aaa-sec.com>" <stefan@aaa-sec.com>, "<paul.hoffman@vpnc.org>" <paul.hoffman@vpnc.org>, "<jimsch@exmsft.com>" <jimsch@exmsft.com>, "<pkix@ietf.org>" <pkix@ietf.org>, RFC Errata System <rfc-editor@rfc-editor.org>
Subject: Re: [pkix] [Technical Errata Reported] RFC5912 (3623)

The errata has multiple parts. If you feel the MAX limit is unacceptable, accept the type issue independently.

Suggested limit change aligns with similar certificate serial number definition.

On May 16, 2013, at 11:22 AM, "Jim Schaad" <jimsch@augustcellars.com> wrote:

> Reject
> 
> The serial number MUST be a positive integer assigned by the CA to
>   each certificate.
> 
> 
>> -----Original Message-----
>> From: RFC Errata System [mailto:rfc-editor@rfc-editor.org]
>> Sent: Thursday, May 16, 2013 12:08 PM
>> To: paul.hoffman@vpnc.org; jimsch@exmsft.com; stephen.farrell@cs.tcd.ie;
>> turners@ieca.com; kent@bbn.com; stefan@aaa-sec.com
>> Cc: carl@redhoundsoftware.com; pkix@ietf.org; rfc-editor@rfc-editor.org
>> Subject: [Technical Errata Reported] RFC5912 (3623)
>> 
>> The following errata report has been submitted for RFC5912, "New ASN.1
>> Modules for the Public Key Infrastructure Using X.509 (PKIX)".
>> 
>> --------------------------------------
>> You may review the report below and at:
>> http://www.rfc-editor.org/errata_search.php?rfc=5912&eid=3623
>> 
>> --------------------------------------
>> Type: Technical
>> Reported by: Carl Wallace <carl@redhoundsoftware.com>
>> 
>> Section: 14
>> 
>> Original Text
>> -------------
>>   -- CRL number extension OID and syntax
>>   ext-CRLNumber EXTENSION ::= {SYNTAX
>>       INTEGER (0..MAX) IDENTIFIED BY id-ce-cRLNumber }
>>   id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
>> 
>>   CRLNumber ::= INTEGER (0..MAX)
>> 
>> Corrected Text
>> --------------
>>   -- CRL number extension OID and syntax
>>   CRLNumber ::= INTEGER
>> 
>>   ext-CRLNumber EXTENSION ::= {SYNTAX
>>       CRLNumber IDENTIFIED BY id-ce-cRLNumber }
>>   id-ce-cRLNumber OBJECT IDENTIFIER ::= { id-ce 20 }
>> 
>> 
>> Notes
>> -----
>> The CRLNumber extension was not defined to use the CRLNumber type.  The
>> CRLNumber type uses MAX to limit the maximum value.  This limitation is
>> inconsistent with section 5.2.3 and Appendix B, which allow CRLNumber
>> values up to 20 octets in length.
>> 
>> Instructions:
>> -------------
>> This errata is currently posted as "Reported". If necessary, please use "Reply
>> All" to discuss whether it should be verified or rejected. When a decision is
>> reached, the verifying party (IESG) can log in to change the status and edit the
>> report, if necessary.
>> 
>> --------------------------------------
>> RFC5912 (draft-ietf-pkix-new-asn1-08)
>> --------------------------------------
>> Title               : New ASN.1 Modules for the Public Key Infrastructure Using X.509 (PKIX)
>> Publication Date    : June 2010
>> Author(s)           : P. Hoffman, J. Schaad
>> Category            : INFORMATIONAL
>> Source              : Public-Key Infrastructure (X.509)
>> Area                : Security
>> Stream              : IETF
>> Verifying Party     : IESG
>
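
Added example, not part of this thread or of RFC 5912: a strict check of a DER-encoded CRLNumber value against the two constraints discussed above, the non-negative range of the original `INTEGER (0..MAX)` text and the 20-octet limit cited in the erratum notes. The function names and sample encodings are constructed for illustration, and the limit is counted over DER content octets, which is an assumption.

```python
MAX_OCTETS = 20  # limit cited in the erratum notes (assumed to count content octets)


class CRLNumberError(ValueError):
    """Raised when a CRLNumber encoding violates a checked constraint."""


def parse_crl_number(der: bytes) -> int:
    """Decode the value of a CRLNumber extension (a single DER INTEGER)."""
    if len(der) < 3 or der[0] != 0x02:
        raise CRLNumberError("not a DER INTEGER")
    length = der[1]
    if length & 0x80:
        # Long-form length starts at 128 content octets, far past the limit.
        raise CRLNumberError("long-form length not valid for CRLNumber")
    content = der[2:]
    if len(content) != length:
        raise CRLNumberError("length octet does not match content")
    if length > 1:
        # DER requires the shortest two's-complement encoding.
        pad_zero = content[0] == 0x00 and not content[1] & 0x80
        pad_ones = content[0] == 0xFF and content[1] & 0x80
        if pad_zero or pad_ones:
            raise CRLNumberError("non-minimal INTEGER encoding")
    if content[0] & 0x80:
        raise CRLNumberError("negative value, outside (0..MAX)")
    if length > MAX_OCTETS:
        raise CRLNumberError("value longer than 20 octets")
    return int.from_bytes(content, "big")


def is_valid(der: bytes) -> bool:
    """True when the encoding passes every check in parse_crl_number."""
    try:
        parse_crl_number(der)
        return True
    except CRLNumberError:
        return False


if __name__ == "__main__":
    # Constructed sample encodings, not taken from any real CRL.
    samples = [b"\x02\x01\x00", b"\x02\x02\x00\x80", b"\x02\x01\x80",
               b"\x02\x14\x7f" + b"\xff" * 19, b"\x02\x15\x00" + b"\xff" * 20]
    for s in samples:
        print(s.hex(), "accepted" if is_valid(s) else "rejected")
```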