Re: [pkix] Possible new work item: additional methods for generating key identifiers

Rene Struik <rstruik.ext@gmail.com> Mon, 23 April 2012 21:47 UTC

Hi Sean:

You defined the key identifier to be the hash of the public key,
truncated to 160 bits. Shouldn't one have different key identifiers if
the policy fields associated with the public key are different (e.g., if
the same public key Qa associated with some entity A gets rolled over
and assigned a new validity period)? Similarly, shouldn't one include
the unique id of the presumed key holder (e.g., so as to preclude people
cloning a public/private key pair to another device [I am sure
implementers contemplating this exist] without notice)?

Best regards, Rene

On 23/04/2012 4:29 PM, Sean Turner wrote:
> <no hat>
>
> I've resurrected this draft after making some changes/additions to it
> based on mailing list comments. The latest version can be found at:
>
> http://datatracker.ietf.org/doc/draft-turner-additional-methods-4kis/
>
> I'd like to ask the WG (again) to consider adopting this as a WG item.
>
> spt
>
> </no hat>
>
> On 6/16/10 10:17 AM, Sean Turner wrote:
>> Greetings. Steve and I have whipped up a short I-D that specifies
>> additional methods for generating key identifiers from a public key. The
>> draft can be found at:
>>
>> http://datatracker.ietf.org/doc/draft-turner-additional-methods-4kis/
>>
>> I'd like to ask the WG to consider adopting this as a WG item.
>>
>> Cheers,
>>
>> spt*
>>
>> * (with no hat on)


-- 
email: rstruik.ext@gmail.com
Skype: rstruik
cell: +1 (647) 867-5658
USA Google voice: +1 (415) 690-7363
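
The question raised in this message, as an added Python illustration (not code from the draft or from either poster): an identifier computed from the public key alone is the same after a validity rollover and on a cloned device, while one that also hashes the holder id and validity period differs. Assumptions: SHA-256 as the hash, hashing the contents of the subjectPublicKey BIT STRING, the hypothetical `context_bound_id` construction, and the constructed sample key and device names.

```python
import hashlib

def read_tlv(buf, pos):
    """Parse one DER TLV at pos; return (tag, value, next_pos)."""
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long-form length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER value")
    return tag, buf[pos:pos + length], pos + length

def public_key_bits(spki):
    """Return the subjectPublicKey BIT STRING contents of a DER SPKI."""
    tag, body, end = read_tlv(spki, 0)
    if tag != 0x30 or end != len(spki):
        raise ValueError("not a single SEQUENCE")
    tag, _alg, pos = read_tlv(body, 0)     # AlgorithmIdentifier
    if tag != 0x30:
        raise ValueError("missing AlgorithmIdentifier")
    tag, bits, pos = read_tlv(body, pos)   # subjectPublicKey
    if tag != 0x03 or not bits or bits[0] != 0 or pos != len(body):
        raise ValueError("unexpected subjectPublicKey encoding")
    return bits[1:]                        # drop the unused-bits octet

def key_only_id(spki):
    """Hash of the public key, truncated to 160 bits (SHA-256 assumed)."""
    return hashlib.sha256(public_key_bits(spki)).digest()[:20]

def context_bound_id(spki, *context):
    """Hypothetical: also bind holder id and validity period."""
    h = hashlib.sha256()
    for field in [c.encode() for c in context] + [public_key_bits(spki)]:
        h.update(len(field).to_bytes(4, "big") + field)  # length-prefixed
    return h.digest()[:20]

# Constructed sample: Ed25519 SPKI wrapper around 32 made-up key bytes.
SPKI = bytes.fromhex("302a300506032b6570032100") + bytes(range(32))
A_OLD = ("device-A", "20120101000000Z", "20130101000000Z")
A_NEW = ("device-A", "20130101000000Z", "20140101000000Z")    # rollover
B_CLONE = ("device-B", "20120101000000Z", "20130101000000Z")  # cloned key

if __name__ == "__main__":
    for ctx in (A_OLD, A_NEW, B_CLONE):
        print(ctx, key_only_id(SPKI).hex(), context_bound_id(SPKI, *ctx).hex())
```

The second column is identical on every row because the key-only identifier never sees the context; the third column changes with each holder and validity period.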