Comments on draft-ietf-pkix-ipki-part4-03.txt
Stefan Santesson <stefan@accurata.se> Wed, 27 May 1998 21:54 UTC
Received: (from majordomo@localhost) by mail.proper.com (8.8.8/8.8.5) id OAA19790 for ietf-pkix-bks; Wed, 27 May 1998 14:54:33 -0700 (PDT)
Received: from mailb.telia.com (mailb.telia.com [194.22.194.6]) by mail.proper.com (8.8.8/8.8.5) with ESMTP id OAA19786 for <ietf-pkix@imc.org>; Wed, 27 May 1998 14:54:32 -0700 (PDT)
Received: from d1o26.telia.com (root@d1o26.telia.com [195.198.156.241]) by mailb.telia.com (8.8.8/8.8.8) with ESMTP id XAA22040 for <ietf-pkix@imc.org>; Wed, 27 May 1998 23:58:45 +0200 (CEST)
Received: from stefans (t8o26p22.telia.com [195.198.157.202]) by d1o26.telia.com (8.8.8/8.8.5) with SMTP id XAA20934 for <ietf-pkix@imc.org>; Wed, 27 May 1998 23:58:43 +0200 (MET DST)
Message-Id: <3.0.32.19980527234754.00956d20@m1.404.telia.com>
X-Sender: u40400192@m1.404.telia.com
X-Mailer: Windows Eudora Pro Version 3.0 (32)
Date: Wed, 27 May 1998 23:47:56 +0200
To: ietf-pkix@imc.org
From: Stefan Santesson <stefan@accurata.se>
Subject: Comments on draft-ietf-pkix-ipki-part4-03.txt
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 8bit
X-MIME-Autoconverted: from quoted-printable to 8bit by mail.proper.com id OAA19787
Sender: owner-ietf-pkix@imc.org
Precedence: bulk
I'm project leader of a joint Swedish project with the purpose to form a certificate policy for a Swedish national "bas-ID" certificate. The project is formed by the Swedish non-profit organization SEIS (Secured Electronic Information in Society) which is formed by members from Government, Banking, Industry, Military, Post and Health care sectors. The policy can be obtain from SEIS WWW at: http://www.seis.se/regler/normer/S10_v093.doc This policy is now ready for official approval on June 16 by the SEIS board. The policy almost follows the structure of draft-ietf-pkix-ipki-part4-03.txt We have, however, been forced to expand the structure with the following sections. 2.10 Contractual agreements. In the policy we state requirements on the CA to establish a number of contractual agreements according to some minimum standards. This is contracts with the subscriber, employer of the subscriber with which the subscriber is affiliated in the certificate, Subcontractors (such as RA:s), etc. We could not find any suitable sections in the PKIX draft to put such requirements. 5.1.9 Physical Security Controls for Registration Authorities A section like this was originally formed by ABA. We know that physical security for RA:s can be defined in sections 5.1 to 5.8 but it is much easier to define some general exception rules for RA:s in a section of its own. 5.2.1.2 Trusted Roles for Registration Authorities This section was formed by the same reason as 5.1.9 above. 5.3.9 Personal Security Controls for Registration Authorities The same as for 5.1.9 Could someone comment on this. Have we misunderstood anything. Should we have acted differently or should the PKIX draft be expanded. Thank you in advance. Stefan ---------------------------------------------------------------- Stefan Santesson <stefan@accurata.se> Accurata Systemsäkerhet AB Lotsgatan 27 D Tel. +46-40 152211 216 42 Malmö Fax. +46-40 150790 Sweden Mobile +46-70 5247799 ----------------------------------------------------------------
- RE: Comments on draft-ietf-pkix-ipki-part4-03.txt Stefan Santesson
- RE: Comments on draft-ietf-pkix-ipki-part4-03.txt Santosh Chokhani
- Comments on draft-ietf-pkix-ipki-part4-03.txt Stefan Santesson