Re: draft-ietf-pkix-rfc3770bis-01: key usage extension

Peter Sylvester <Peter.Sylvester@edelweb.fr> Fri, 15 April 2005 17:04 UTC

Date: Fri, 15 Apr 2005 18:20:48 +0200
From: Peter Sylvester <Peter.Sylvester@edelweb.fr>
Message-Id: <200504151620.j3FGKm004293@chandon.edelweb.fr>
To: ietf-pkix@imc.org, housley@vigilsec.com
Subject: Re: draft-ietf-pkix-rfc3770bis-01: key usage extension

> 
> Peter:
> 
> You are the one that complained that there was no discussion of the key 
> usage extension.  I am happy to delete the whole paragraph ... you are the 
> one who asked for the topic to be covered.

Your name is not Bismarck, and this is not the Emser Depesche. :-)

  I have 'remarked' that there was no discussion of keyUsage in your text.

  You have introduced a restriction that was not in 3370. 

  Since both versions of your proposals seem wrong to me I had already
proposed to delete the second half of the sentence that talks about
keyusages of crlsign or keyCertSign.  

I also had asked whether it is true that 'Currently no EAP methods require
keyCertSign or crlSign'. I have the feeling that this is what you wanted
to express. 

> How about this:
> 
>     If a certificate contains a key usage extension, the KeyUsage bits
>     that are needed depend on the EAP method that is employed.
> 
> Russ

This text is what I had proposed to you yesterday in a response that 
didn't go to the list since you did not answer the question above
(unless I have missed it). 

I can live with that.

Peter