IETF Logo Mail Archive

Re: [pkix] Gen-ART review of draft-ietf-pkix-rfc2560bis-15

Stefan Santesson <stefan@aaa-sec.com> Sat, 30 March 2013 00:21 UTC

Return-Path: <stefan@aaa-sec.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A95151F0D0B for <pkix@ietfa.amsl.com>; Fri, 29 Mar 2013 17:21:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.186
X-Spam-Level:
X-Spam-Status: No, score=-102.186 tagged_above=-999 required=5 tests=[AWL=0.064, BAYES_00=-2.599, HELO_EQ_SE=0.35, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id edyZl9awgiPp for <pkix@ietfa.amsl.com>; Fri, 29 Mar 2013 17:21:03 -0700 (PDT)
Received: from s87.loopia.se (s87.loopia.se [194.9.95.113]) by ietfa.amsl.com (Postfix) with ESMTP id 1E35F1F0D07 for <pkix@ietf.org>; Fri, 29 Mar 2013 17:21:02 -0700 (PDT)
Received: from s87.loopia.se (localhost [127.0.0.1]) by s87.loopia.se (Postfix) with ESMTP id 8DB941F148A7 for <pkix@ietf.org>; Sat, 30 Mar 2013 01:21:00 +0100 (CET)
X-Virus-Scanned: amavisd-new at outgoing-smtp.loopia.se
Received: from s87.loopia.se ([127.0.0.1]) by s87.loopia.se (s87.loopia.se [127.0.0.1]) (amavisd-new, port 10024) with LMTP id DBT9iWxIH5CK for <pkix@ietf.org>; Sat, 30 Mar 2013 01:21:00 +0100 (CET)
Received: from s327.loopia.se (s34.loopia.se [194.9.94.70]) by s87.loopia.se (Postfix) with ESMTP id 4BAA41F148A3 for <pkix@ietf.org>; Sat, 30 Mar 2013 01:21:00 +0100 (CET)
Received: (qmail 38793 invoked from network); 30 Mar 2013 00:20:59 -0000
Received: from 81-232-51-61-no39.business.telia.com (HELO [192.168.0.104]) (stefan@fiddler.nu@[81.232.51.61]) (envelope-sender <stefan@aaa-sec.com>) by s327.loopia.se (qmail-ldap-1.03) with DES-CBC3-SHA encrypted SMTP for <piyush@ditenity.com>; 30 Mar 2013 00:20:59 -0000
User-Agent: Microsoft-MacOutlook/14.3.2.130206
Date: Sat, 30 Mar 2013 01:20:34 +0100
From: Stefan Santesson <stefan@aaa-sec.com>
To: Piyush Jain <piyush@ditenity.com>, "'Black, David'" <david.black@emc.com>, sts@aaa-sec.com, mmyers@fastq.com, ambarish@gmail.com, slava.galperin@gmail.com, cadams@eecs.uottawa.ca, gen-art@ietf.org
Message-ID: <CD7BEE15.5F162%stefan@aaa-sec.com>
Thread-Topic: [pkix] Gen-ART review of draft-ietf-pkix-rfc2560bis-15
In-Reply-To: <01bc01ce2cc1$4f80e280$ee82a780$@ditenity.com>
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Cc: pkix@ietf.org
Subject: Re: [pkix] Gen-ART review of draft-ietf-pkix-rfc2560bis-15
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pkix>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Mar 2013 00:21:03 -0000

Legacy servers would not comply with RFC2560bis IF revoked response for
non issued certs would be required.

/Stefan

On 3/29/13 10:06 PM, "Piyush Jain" <piyush@ditenity.com> wrote:

>Not sure if I understand.
>Are you saying legacy servers won't work with 2560bis clients?
>
>> On 3/29/13 6:12 PM, "Piyush Jain" <piyush@ditenity.com> wrote:
>> 
>> >It is your statement about backward compatibility to justify it that is
>> >incorrect.
>> >Backward compatibility "with deployments of RFC2560" is not affected in
>> >either case. Legacy clients will continue to work whether you make it
>> >required or optional.
>> 
>> Legacy servers won't
>> 
>> /Stefan
>> 
>
>

v2.23.0 | Report a Bug | By Email