Re: [pkix] [saag] Fwd: Is it time for a pkix extensions (or similar) wg?
Eliot Lear <lear@cisco.com> Fri, 05 February 2016 12:16 UTC
Return-Path: <lear@cisco.com>
X-Original-To: pkix@ietfa.amsl.com
Delivered-To: pkix@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6F47B1B37A3 for <pkix@ietfa.amsl.com>; Fri, 5 Feb 2016 04:16:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.502
X-Spam-Level:
X-Spam-Status: No, score=-14.502 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id TC-PkSStOX1M for <pkix@ietfa.amsl.com>; Fri, 5 Feb 2016 04:16:54 -0800 (PST)
Received: from aer-iport-1.cisco.com (aer-iport-1.cisco.com [173.38.203.51]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9AF3B1B37A1 for <pkix@ietf.org>; Fri, 5 Feb 2016 04:16:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=2611; q=dns/txt; s=iport; t=1454674613; x=1455884213; h=subject:to:references:from:message-id:date:mime-version: in-reply-to; bh=fck6DcWpOCuWOCWLycUiT/6hZXjQZClgObgnmwJ2MXM=; b=dkLjkTn+1CzB9pQyqZRSKzBCrANuIThtt2VYWIhSmb81GXJ0lPl5Fpf6 r3kwQEMCnliCNnUqfKXwSo8+DyDAloR8wQf5B1hGPIeH4E5Lbm9bUhkTn qYrPQS0boPpID3NTxWSMuxj7qkEALVRn/b2Hb73QsoP3ZNjkoZgsYbOPb M=;
X-Files: signature.asc : 481
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CnBAA+krRW/xbLJq1ejVSxG4Fmhg0CgWkTAQEBAQEBAYEKhEIBAQQjVRELGAkWCwICCQMCAQIBRQYBDAgBAYgXsHSOagEBAQEBAQQBAQEBAQESCIlOe4cygToBBIdYjx2CfoFkiG6BW4RDgwOFUoVuiFAiAj6DZTuKKgEBAQ
X-IronPort-AV: E=Sophos;i="5.22,400,1449532800"; d="asc'?scan'208";a="649067158"
Received: from aer-iport-nat.cisco.com (HELO aer-core-1.cisco.com) ([173.38.203.22]) by aer-iport-1.cisco.com with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 05 Feb 2016 12:16:49 +0000
Received: from [10.61.73.104] (ams3-vpn-dhcp2408.cisco.com [10.61.73.104]) by aer-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id u15CGnj8012374; Fri, 5 Feb 2016 12:16:49 GMT
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>, pkix@ietf.org
References: <56B48DED.5080202@cs.tcd.ie> <56B48E7D.30309@cs.tcd.ie>
From: Eliot Lear <lear@cisco.com>
Message-ID: <56B492B0.8070700@cisco.com>
Date: Fri, 05 Feb 2016 13:16:48 +0100
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:38.0) Gecko/20100101 Thunderbird/38.5.1
MIME-Version: 1.0
In-Reply-To: <56B48E7D.30309@cs.tcd.ie>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="1QhTuiGusDFG1MtsTiXhAsEmQ8u7vS9ue"
Archived-At: <http://mailarchive.ietf.org/arch/msg/pkix/vLDaxZG6y1emIHO8Z7kn5F2BF6Q>
Subject: Re: [pkix] [saag] Fwd: Is it time for a pkix extensions (or similar) wg?
X-BeenThere: pkix@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: PKIX Working Group <pkix.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pkix>, <mailto:pkix-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pkix/>
List-Post: <mailto:pkix@ietf.org>
List-Help: <mailto:pkix-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pkix>, <mailto:pkix-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 05 Feb 2016 12:16:55 -0000
Hi Stephen, and thanks for this note. Please see below: On 2/5/16 12:58 PM, Stephen Farrell wrote: > > Hiya, > > We seem to be seeing a number of drafts that folks are > writing that define new certificate extensions or that > want to update/modify PKIX specs. > > Do folks think it is now time to form a working group > to process those? > > If no, please say why. > > If yes, please say what draft(s) and propose any other > scoping. If you know of people who are or would implement > and deploy, that is very useful information. (It is fine > to say "I think we should work on topic <foo>" but it is > *much* better if you can point at a draft you've written > about <foo> and say that you or someone is implementing > that and that it'll get deployed.) I've written draft-lear-ietf-pkix-mud-extension-00.txt that talks about something called a manufacturer usage description. The idea is to provide a means for local networks to retrieve recommendations from manufacturers on what sort of access their devices should have. This extension is intended for use in the context of IEEE 802.1AR. It definitely could use a good set of eyes on it. We are currently in the lab with the concept now. > > If you think this requires face to face discussion at > IETF95 (e.g. to tease out scope) please say that too. I am personally okay with any approach to move forward, whether that's a WG, doing something AD-sponsored, or something else. I'm hoping that as non-critical constraints go this one is not particularly controversial. If a working group is the best way, I would just ask that this draft be included in scope ;-) Eliot
- Re: [pkix] Is it time for a pkix extensions (or s… Miller, Timothy J.
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- Re: [pkix] Is it time for a pkix extensions (or s… Peter Bowen
- Re: [pkix] Is it time for a pkix extensions (or s… Alexey Melnikov
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- [pkix] Is it time for a pkix extensions (or simil… Stephen Farrell
- Re: [pkix] [saag] Fwd: Is it time for a pkix exte… Eliot Lear
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- Re: [pkix] Is it time for a pkix extensions (or s… Eliot Lear
- Re: [pkix] Is it time for a pkix extensions (or s… Miller, Timothy J.
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- Re: [pkix] Is it time for a pkix extensions (or s… Miller, Timothy J.
- Re: [pkix] Is it time for a pkix extensions (or s… Stephen Farrell
- Re: [pkix] Is it time for a pkix extensions (or s… Phillip Hallam-Baker
- Re: [pkix] Is it time for a pkix extensions (or s… Miller, Timothy J.
- Re: [pkix] Is it time for a pkix extensions (or s… Wei Chuang
- [pkix] Email address matching rules (was Re: Is i… David A. Cooper
- Re: [pkix] Email address matching rules (was Re: … Eliot Lear
- Re: [pkix] Email address matching rules (was Re: … David A. Cooper
- Re: [pkix] Email address matching rules (was Re: … Eliot Lear
- Re: [pkix] Email address matching rules (was Re: … David A. Cooper
- Re: [pkix] Email address matching rules (was Re: … Miller, Timothy J.
- Re: [pkix] Email address matching rules (was Re: … Miller, Timothy J.
- Re: [pkix] Email address matching rules (was Re: … David A. Cooper
- Re: [pkix] Email address matching rules (was Re: … Peter Bowen
- Re: [pkix] Email address matching rules (was Re: … Russ Housley
- Re: [pkix] Email address matching rules (was Re: … David A. Cooper
- Re: [pkix] Email address matching rules (was Re: … Eliot Lear
- Re: [pkix] Email address matching rules (was Re: … Tom Gindin
- [pkix] MUD Draft - was Re: [saag] Fwd: Is it time… Tom Gindin
- Re: [pkix] Email address matching rules (was Re: … Wei Chuang
- Re: [pkix] Email address matching rules (was Re: … Russ Housley
- Re: [pkix] Email address matching rules (was Re: … Tom Gindin
- Re: [pkix] Email address matching rules (was Re: … Wei Chuang
- Re: [pkix] Email address matching rules (was Re: … Wei Chuang
- Re: [pkix] Email address matching rules, this is … John R Levine