Re: [pkix] New Version Notification for draft-seantek-certfrag-00.txt

Sean Turner <turners@ieca.com> Thu, 06 November 2014 00:29 UTC


Seems like a reasonable way to do what you’re trying to do, but I’ve got two questions:

1) Do you really, really need the MUST?  If an implementation doesn’t follow the rules and instead uses “sN” for the serial number fragment it’s still going to work right because they’re case-insensitive?  If that’s the case then maybe you could just drop that bit.

2) The second part of the text in the security considerations gave me pause:

   A certificate displaying
   application might zoom in on that aspect of the certificate, while a
   public key-processing application might use a fragment identifier
   like "#spki" to extract the "SubjectPublicKeyInfo" structure for
   further processing. 

Are you saying the spki would be extracted for processing from the identifier or from the certificate?  I’m hoping the latter.

spt


On Oct 26, 2014, at 11:35, Sean Leonard <dev+ietf@seantek.com> wrote:

> Just wanted to follow up on this request for feedback/review for draft-seantek-certfrag, which defines fragment identifiers for certificates.
> 
> This is a short draft (just four pages--and the fourth page is just the author info). If you read it and don't find any issues, please let me know as well.
> 
> Thanks,
> 
> Sean
> 
> On 9/8/2014 12:58 PM, Sean Leonard wrote:
> 
> Hello PKIX and SAAG lists:
> 
> Based on discussions had at IETF 90, I have written up a new Internet-Draft to define URI fragment identifiers for certificates. The proposal is very simple, as there are only a limited number of well-defined PKIX certificate parts.
> 
> This text is a spinoff of draft-seantek-certspec, since the fragment definitions depend on the media type (application/pkix-cert), not on the URI scheme or other parts.
> 
> Feedback is appreciated.
> 
> Sean
> 
> *************************
> 
> A new version of I-D, draft-seantek-certfrag-00.txt
> has been successfully submitted by Sean Leonard and posted to the
> IETF repository.
> 
> Name:        draft-seantek-certfrag
> Revision:    00
> Title:        URI Fragment Identifiers for the application/pkix-cert Media Type
> Document date:    2014-09-08
> Group:        Individual Submission
> Pages:        4
> URL: http://www.ietf.org/internet-drafts/draft-seantek-certfrag-00.txt
> Status: https://datatracker.ietf.org/doc/draft-seantek-certfrag/
> Htmlized: http://tools.ietf.org/html/draft-seantek-certfrag-00
> 
> 
> Abstract:
>   This memo describes Uniform Resource Identifier (URI) fragment
>   identifiers for PKIX certificates, which are identified with the
>   Internet media type application/pkix-cert.
> 
> 
> 
> 
> Please note that it may take a couple of minutes from the time of submission
> until the htmlized version and diff are available at tools.ietf.org.
> 
> The IETF Secretariat
> 
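
Added example, not part of the original message or of the draft: a sketch of how a consumer could resolve a fragment such as "#spki" or "#sN" case-insensitively, with the fragment acting only as a selector and the bytes always taken from the certificate. Assumptions: the serial-number fragment name "sn" is inferred from the "sN" mentioned in the message, the FRAGMENTS table and all function names are hypothetical, the sample certificate is constructed with placeholder contents, and the parser handles single-byte tags only.

```python
def tlv(tag, body):
    """Encode one DER TLV; used here only to build the constructed sample."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    size = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | size]) + n.to_bytes(size, "big") + body

def read_tlv(buf, off):
    """Return (tag, value_start, end) for the DER TLV that starts at off."""
    if off + 2 > len(buf):
        raise ValueError("truncated DER")
    tag, length, pos = buf[off], buf[off + 1], off + 2
    if length & 0x80:  # long form: low 7 bits count the length bytes
        size = length & 0x7F
        length, pos = int.from_bytes(buf[pos:pos + size], "big"), pos + size
    if pos + length > len(buf) or buf[off + 1] == 0x80:
        raise ValueError("truncated or non-DER length")
    return tag, pos, pos + length

def children(buf, start, end):
    """Split a constructed value into (tag, whole-TLV bytes) pairs."""
    out = []
    while start < end:
        tag, _, nxt = read_tlv(buf, start)
        out.append((tag, buf[start:nxt]))
        start = nxt
    return out

# Hypothetical selector table: "spki" is quoted in the thread, "sn" is assumed.
FRAGMENTS = {"sn": 0, "spki": 5}  # TBSCertificate field index, version skipped

def resolve(cert_der, uri):
    """Return the DER of the certificate part named by the URI fragment."""
    frag = uri.partition("#")[2].lower()  # case-insensitive: "sN" == "sn"
    if frag not in FRAGMENTS:
        raise KeyError(frag)
    tbs = children(cert_der, *read_tlv(cert_der, 0)[1:])[0][1]  # tbsCertificate
    fields = children(tbs, *read_tlv(tbs, 0)[1:])
    if fields[0][0] == 0xA0:  # skip the [0] EXPLICIT version
        fields = fields[1:]
    return fields[FRAGMENTS[frag]][1]

# Constructed sample: certificate-shaped DER with placeholder contents.
ALG = tlv(0x30, tlv(0x06, bytes.fromhex("2a8648ce3d040302")))
SERIAL, EMPTY = tlv(0x02, b"\x01\x23"), tlv(0x30, b"")
SPKI = tlv(0x30, ALG + tlv(0x03, b"\x00\x04" + bytes(64)))
TBS = tlv(0x30, tlv(0xA0, tlv(0x02, b"\x02")) + SERIAL + ALG + EMPTY * 3 + SPKI)
SAMPLE_CERT = tlv(0x30, TBS + ALG + tlv(0x03, b"\x00" + bytes(8)))
```

Calling resolve(SAMPLE_CERT, "cert.cer#sN") and resolve(SAMPLE_CERT, "cert.cer#sn") return the same serialNumber TLV, and an unknown fragment raises KeyError instead of being interpreted as data.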