Re: TSP version 03
John_Wray@iris.com Thu, 23 September 1999 11:46 UTC
Received: from mail.proper.com (mail.proper.com [206.86.127.224]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id HAA03466 for <pkix-archive@odin.ietf.org>; Thu, 23 Sep 1999 07:46:08 -0400 (EDT)
Received: from localhost (daemon@localhost) by mail.proper.com (8.9.3/8.9.3) with SMTP id EAA09367; Thu, 23 Sep 1999 04:41:50 -0700 (PDT)
Received: by mail.imc.org (bulk_mailer v1.12); Thu, 23 Sep 1999 04:41:47 -0700
Received: from arista.iris.com (arista.iris.com [198.112.211.22]) by mail.proper.com (8.9.3/8.9.3) with ESMTP id EAA09340 for <ietf-pkix@imc.org>; Thu, 23 Sep 1999 04:41:43 -0700 (PDT)
From: John_Wray@iris.com
Subject: Re: TSP version 03
To: Denis Pinkas <Denis.Pinkas@bull.net>
Cc: IETF-PXIX <ietf-pkix@imc.org>
Date: Thu, 23 Sep 1999 07:14:59 -0400
Message-ID: <OF46921C52.D621D6B3-ON852567F5.003CFAF2@iris.com>
X-Priority: 3 (Normal)
X-MIMETrack: Serialize by Router on Arista/Iris(Build V5010621|June 21, 1999) at 09/23/99 07:47:44 AM
MIME-Version: 1.0
Content-type: text/plain; charset="us-ascii"
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Denis, The TSP-over-TCP protocol defined in the new draft suffers from some of the same problems we found in the CMP-over-TCP protocol in RFC 2510. I would suggest that the changes recommended in the new draft-ietf-pkix-cmp-tcp-00.txt be applied to TSP-over-TCP as well. These changes include: i) Changing the "poll time" from an absolute time to a delta time. This is more robust than an absolute time in the event of a clock-skew between requester and responder, and also doesn't suffer from the Y2038 problem. ii) Changing the protocol to contain an explicit version number field to allow for future changes. iii) Specifying whether the TCP connection may remain up to carry multiple TSP requests, and which end is responsible for closing it. John Denis Pinkas <Denis.Pinkas@bull.net> on 09/21/99 09:18:04 AM To: IETF-PXIX <ietf-pkix@imc.org> cc: Subject: TSP version 03 A new draft of the Time Stamping Protocol (TSP) has been published at: http://www.ietf.org/internet-drafts/draft-ietf-pkix-time-stamp-03.txt The draft attempts to accommodate the issues raised at the Oslo meeting, comments received at the Oslo meeting and comments sent on the PKIX mailing list. Issues raised at the Oslo meeting: 1) Format of the TSTTime (inspired form NTP) 2) TDA (Temporal Data Authority) support. 1) A new TSTTime has been defined. It fairly simple and composed of two fields, one field using GeneralizedTime and allowing to specify the time below the precision of a second and another optional field allowing to specify the accuracy in seconds or sub-seconds when that precision is *not* plus or minus one second. It is expected that many TSA will not use the precision field and thus will produce the time according to RFC 2459 section 4.1.2.5.2. with plus or minus one second for the precision. In addition the previous draft was attempting to provide a chronology between two time stamps issued by the same TSA within the same second (assuming sub-seconds were not used). This can now be provided using the serial number which is being made mandatory. 2) At the last meeting I advertised that if no one would produce a "good" rational for supporting TDAs, TDAs would be removed. Since such a rational has not been produced, the extension has now been suppressed. However, it has been realized that we make making the same original mistake that X.509 did with the version 1: omitting to provide an extension mechanism. So an extension field has been added. This allows anyone (including ISO) to define extensions in the future, without impacting *this* document. TDAs could even been re-introduced at any time in the future, but using the extension mechanism. Comments received at the Oslo meeting 3) Steve Kent during the meeting said that we should not confuse a Time Stamp with a time information and thus requested the hash in the request to be mandatory. This is now done. 4) some people complained about the fact that the TSA was making its own judgment about the validity of the hash function used by the requester. This requirement has been partly raised since the TSA is now only required to know the OID of the hash function to make sure that the length of the hash code is correct. So the OIDs need to be known, but the TSA offers no guarantee about the strength of the hash functions (the legal responsibility has disappeared). Note: The filling dates for all patents have been added and a warning about the *use* of the protocol has been added. As a result of all of this, the document is now simpler and shorter. Denis
- TSP version 03 Denis Pinkas
- Re: TSP version 03 John_Wray
- Re: TSP version 03 David P. Kemp
- RE: TSP version 03 Salz, Rich
- RE: TSP version 03 David P. Kemp
- Re: TSP version 03 Paul Koning
- RE: TSP version 03 Paul Koning
- RE: TSP version 03 Salz, Rich
- Re: TSP version 03 Ronald Tschalär
- Re: TSP version 03 David P. Kemp
- Re: TSP version 03 Ronald Tschalär
- Re: TSP version 03 Rich Salz
- Re: TSP version 03 Life is hard, and then you die.
- Re: TSP version 03 Paul Koning