RE: Logotypes in certificates
Stephen Kent <kent@bbn.com> Tue, 03 April 2001 14:43 UTC
Received: from above.proper.com ([208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id KAA02799 for <pkix-archive@odin.ietf.org>; Tue, 3 Apr 2001 10:43:09 -0400 (EDT)
Received: from localhost (daemon@localhost) by above.proper.com (8.9.3/8.9.3) with SMTP id HAA05155; Tue, 3 Apr 2001 07:41:49 -0700 (PDT)
Received: by mail.imc.org (bulk_mailer v1.12); Tue, 3 Apr 2001 07:41:31 -0700
Received: from po1.bbn.com (PO1.BBN.COM [192.1.50.38]) by above.proper.com (8.9.3/8.9.3) with ESMTP id HAA05100 for <ietf-pkix@imc.org>; Tue, 3 Apr 2001 07:41:30 -0700 (PDT)
Received: from [128.33.4.39] (comsec.bbn.com [128.33.4.39]) by po1.bbn.com (8.9.1/8.9.1) with ESMTP id KAA21271; Tue, 3 Apr 2001 10:41:28 -0400 (EDT)
Mime-Version: 1.0
X-Sender: kent@po1.bbn.com
Message-Id: <p05010400b6ef9022503a@[128.33.4.39]>
In-Reply-To: <5.0.0.25.2.20010402222124.033fbc38@mail.addtrust.com>
References: <5.0.0.25.2.20010322185247.0420d990@mail.addtrust.com> < <D44EACB40164D311BEF00090274EDCCA1E740A@sydneymail1.zergo.com.au> <D44EACB40164D311BEF00090274EDCCA1E740A@sydneymail1.zergo.com.au> <5.0.0.25.2.20010322185247.0420d990@mail.addtrust.com> <5.0.0.25.2.20010402222124.033fbc38@mail.addtrust.com>
Date: Tue, 03 Apr 2001 10:43:13 -0400
To: Stefan Santesson <stefan@addtrust.com>
From: Stephen Kent <kent@bbn.com>
Subject: RE: Logotypes in certificates
Cc: ietf-pkix@imc.org
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
Stefan, >Steve, > >I have problem to find the time to compile the input you ask for. > >I think though that enough persons, where many of those actually >represent significant market players in PKI, has spoken in favour of >including logotypes in certificates in some form. In the IETF we make decisions based on technical inputs from individuals, not endorsements from company representatives, so the motivation you cite here is not persuasive. Also, several folks other than I have pointed out potential vulnerabilities of logotype use. I think it fair to say that there are pluses and minuses here. >I would further regard Bob Junemans very relevant input as yet >another very good reason for this. Bob made an argument for the acceptability of the logotype notion based on presumed legal redress against a public (TTP) CA. The concerns I and others have raised assume a rogue CA below that level. Also, the IETF, in making standards, tends to prefer security mechanisms that are proactive and that do not rely on the legal system for redress. >So to me the question is more HOW instead of IF or WHY. Everybody >doesn't have to need or want a feature in order to motivate its >support in standards. What is important though is that there is a >consensus that the choosen solution doesn't break the systems for >those who doesn't need or want to use it. I learned long ago that it's often a bad idea to agree to a concept irrespective of a proposed means of achieving it. So, absent a concrete proposal for HOW, I don't think we have consensus on WHETHER to pursue this work item. That's why I proposed that you, as the prime mover behind the idea, develop a comprehensive proposal for what you are trying to achieve and how you propose to achieve it. if you can't find the time to do that, then we will not pursue it. Steve
- RE: Logotypes in certificates David Cross
- RE: Logotypes in certificates Michael Zolotarev
- Re: Logotypes in certificates Anders Rundgren
- RE: Logotypes in certificates David Cross
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Stefan Santesson
- Re: Logotypes in certificates Rich Salz
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Ambarish Malpani
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Michael Zolotarev
- Re: Logotypes in certificates Eric Murray
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Michael Myers
- Re: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Andrew Hoag
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Dean Povey
- RE: Logotypes in certificates Tim Moses
- RE: Logotypes in certificates todd.glassey
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Stefan Santesson
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Ambarish Malpani
- RE: Logotypes in certificates Tom Gindin
- RE: Logotypes in certificates Michael Zolotarev
- Re: Logotypes in certificates Terry Hayes
- RE: Logotypes in certificates Peter Gutmann
- RE: Logotypes in certificates Hal Lockhart
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates David Cross
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Michael Zolotarev
- RE: Logotypes in certificates todd.glassey
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Russ Housley
- Re: Logotypes in certificates Dean Povey
- RE: Logotypes in certificates Michael Zolotarev
- RE: Logotypes in certificates Manger, James H
- RE: Logotypes in certificates Stephen Kent
- Re: Logotypes in certificates David P. Kemp
- Re: Logotypes in certificates Michael Ströder
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Michael Ströder
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Michael Ströder
- Re: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Bob Jueneman
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates todd.glassey
- RE: Logotypes in certificates Stephen Kent
- Re: Logotypes in certificates Anders Rundgren
- RE: Logotypes in certificates Stefan Santesson