Re: [pkix] [saag] PKCS #9 LDAP Registrations New Version Notification for draft-seantek-ldap-pkcs9-01.txt

Sean Turner <turners@ieca.com> Mon, 10 November 2014 23:06 UTC

From: Sean Turner <turners@ieca.com>
In-Reply-To: <545E358C.9010405@seantek.com>
Date: Mon, 10 Nov 2014 13:06:04 -1000
Message-Id: <6913EDA6-738F-4824-A307-331AFED8FAD4@ieca.com>
References: <20141026225606.23674.92818.idtracker@ietfa.amsl.com> <545E358C.9010405@seantek.com>
To: Sean Leonard <dev+ietf@seantek.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/pkix/e0andceSSwDjbcTuH9TIsXAWDvY
Cc: "pkix@ietf.org" <pkix@ietf.org>, saag@ietf.org
Subject: Re: [pkix] [saag] PKCS #9 LDAP Registrations New Version Notification for draft-seantek-ldap-pkcs9-01.txt

RFC 4510 is kind of a lame LDAP security reference because it just says this:

  LDAP security considerations are discussed in each document
  comprising the technical specification.

Maybe 4512 is better because it at least mentions privacy.  Because I’m sure you’re going to get hit with a “where’s your privacy considerations”, maybe you should have a look at the SCIM draft:

http://datatracker.ietf.org/doc/draft-ietf-scim-core-schema/?include_text=1

At a minimum you’re going to note which of these elements are privacy sensitive.  You may end up saying those identified elements must be returned over a protected channel.

spt

On Nov 08, 2014, at 05:23, Sean Leonard <dev+ietf@seantek.com> wrote:

> Hello pkix/saag:
> 
> In September I published an initial Internet-Draft on registering PKCS #9 values (such as dateOfBirth and userPKCS12) in the IANA LDAP Parameters registry.
> 
> I got a few comments from the ldap list, so I revised it to -01 last month. Since IETF 91 is coming up, I thought I would at least inform these lists of the work. A lot of security software (such as OpenSSL) uses LDAP Parameters with varying degrees of (in)formality, so the purpose of this short 7-page draft is just to finish off what PKCS #9 started.
> 
> Comments welcome. Thanks,
> 
> Sean
> 
> Begin forwarded message:
> 
>> From: internet-drafts@ietf.org
>> Subject: New Version Notification for draft-seantek-ldap-pkcs9-01.txt
>> Date: October 26, 2014 at 3:56:06 PM PDT
>> To: Sean Leonard <dev+ietf@seantek.com>, "Sean Leonard" <dev+ietf@seantek.com>
>> 
>> 
>> A new version of I-D, draft-seantek-ldap-pkcs9-01.txt
>> has been successfully submitted by Sean Leonard and posted to the
>> IETF repository.
>> 
>> Name:  draft-seantek-ldap-pkcs9
>> Revision: 01
>> Title:          Lightweight Directory Access Protocol (LDAP) Registrations for PKCS #9
>> Document date:  2014-10-26
>> Group:          Individual Submission
>> Pages:          7
>> URL:            http://www.ietf.org/internet-drafts/draft-seantek-ldap-pkcs9-01.txt
>> Status:         https://datatracker.ietf.org/doc/draft-seantek-ldap-pkcs9/
>> Htmlized:       http://tools.ietf.org/html/draft-seantek-ldap-pkcs9-01
>> Diff:           http://www.ietf.org/rfcdiff?url2=draft-seantek-ldap-pkcs9-01
>> 
>> Abstract:
>>   PKCS #9 includes several useful definitions that are not yet
>>   reflected in the LDAP IANA registry. This document adds those
>>   definitions to the IANA registry.
>> 
>> The IETF Secretariat
>> 
> 
> _______________________________________________
> saag mailing list
> saag@ietf.org
> https://www.ietf.org/mailman/listinfo/saag