RE: Logotypes in certificates
todd.glassey@att.net Mon, 02 April 2001 22:21 UTC
Received: from above.proper.com (above.proper.com [208.184.76.39]) by ietf.org (8.9.1a/8.9.1a) with SMTP id SAA02920 for <pkix-archive@odin.ietf.org>; Mon, 2 Apr 2001 18:21:35 -0400 (EDT)
Received: from localhost (daemon@localhost) by above.proper.com (8.9.3/8.9.3) with SMTP id PAA24741; Mon, 2 Apr 2001 15:20:29 -0700 (PDT)
Received: by mail.imc.org (bulk_mailer v1.12); Mon, 2 Apr 2001 15:20:25 -0700
Received: from mtiwmhc23.worldnet.att.net (mtiwmhc23.worldnet.att.net [204.127.131.48]) by above.proper.com (8.9.3/8.9.3) with ESMTP id PAA24709 for <ietf-pkix@imc.org>; Mon, 2 Apr 2001 15:20:25 -0700 (PDT)
From: todd.glassey@att.net
Received: from webmail.worldnet.att.net ([204.127.135.42]) by mtiwmhc23.worldnet.att.net (InterMail vM.4.01.03.16 201-229-121-116-20010115) with SMTP id <20010402221952.ZKQL21907.mtiwmhc23.worldnet.att.net@webmail.worldnet.att.net>; Mon, 2 Apr 2001 22:19:52 +0000
Received: from [12.81.78.211] by webmail.worldnet.att.net; Mon, 02 Apr 2001 22:19:52 +0000
To: Stefan Santesson <stefan@addtrust.com>
Cc: ietf-pkix@imc.org
Subject: RE: Logotypes in certificates
Date: Mon, 02 Apr 2001 22:19:52 +0000
X-Mailer: AT&T Message Center Version 1 (Mar 27 2001)
Message-Id: <20010402221952.ZKQL21907.mtiwmhc23.worldnet.att.net@webmail.worldnet.att.net>
Precedence: bulk
List-Archive: http://www.imc.org/ietf-pkix/mail-archive/
List-ID: <ietf-pkix.imc.org>
List-Unsubscribe: mailto:ietf-pkix-request@imc.org?body=unsubscribe
-- Regards, Todd > Steve, > > I have problem to find the time to compile the input you ask for. > > I think though that enough persons, where many of those actually represent > significant market players in PKI, You mean people that provide PKI solutions, not people that use them. This is a key differentiation, (pardon the pun) since I have yet to hear anyone who would be using LogoTypes say what and how they would use them for. > has spoken in favour of including > logotypes in certificates in some form. > > I would further regard Bob Junemans very relevant input as yet another very > good reason for this. > > So to me the question is more HOW instead of IF or WHY. Everybody doesn't > have to need or want a feature in order to motivate its support in > standards. here again. Is this feature for the users of the system or for you as a technologist? > What is important though is that there is a consensus that the > choosen solution doesn't break Impugn the QoS, or increase the overhead of > the systems for those who don't need or > want to use it. > > I agree with those who consider inclusion of logotypes in policy qualifiers > as a primitive hack, but I also see the good sides of this and right now I > agree with Russ that this is probably the best way to do it in order to > avoid the problems you address. I see it differently. I see it as a way to complicate an already very complex process. Once again more and more of the use model seems to be sneaking from the Application into the core protocol, making creeping featureism an everyday word it seems. > > If policy qualifiers would be deprecated, then I'm open for suggestions. I > don't care that much about HOW as long as this important need gets addressed. > > /Stefan > > > At 10:11 2001-03-23 -0500, Stephen Kent wrote: > >Stefan, > > > >>Steve, > >> > >>There was a suggestion during a dinner yesterday that logotypes actually > >>could be provided as a policy qualifier. That would actually solve your > >>problem since you could directly tie acceptance of logotypes in > >>certificates to a particular policy. > >> > >>This enables you to control the path validation problem with the use of > >>policy constraints. > > > >I'd be comfortable with that approach, except that we have discouraged use > >of policy qualifiers, as Russ noted. > > > >Let me suggest again that you send another message that includes a > >comprehensive rationale for inclusion of logotypes, indicating what types > >of certs would be allowed to contain them, what reference form you > >envision, and what controls you think should be employed to prevent the > >sorts of misuse I warned about. With a concrete proposal, and well > >articulated rationale on the table, I think we have a better chance of > >making progress. > > > >Steve >
- RE: Logotypes in certificates David Cross
- RE: Logotypes in certificates Michael Zolotarev
- Re: Logotypes in certificates Anders Rundgren
- RE: Logotypes in certificates David Cross
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Stefan Santesson
- Re: Logotypes in certificates Rich Salz
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Ambarish Malpani
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Michael Zolotarev
- Re: Logotypes in certificates Eric Murray
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Michael Myers
- Re: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Andrew Hoag
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Dean Povey
- RE: Logotypes in certificates Tim Moses
- RE: Logotypes in certificates todd.glassey
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Stefan Santesson
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Ambarish Malpani
- RE: Logotypes in certificates Tom Gindin
- RE: Logotypes in certificates Michael Zolotarev
- Re: Logotypes in certificates Terry Hayes
- RE: Logotypes in certificates Peter Gutmann
- RE: Logotypes in certificates Hal Lockhart
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates Stephen Kent
- RE: Logotypes in certificates David Cross
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Michael Zolotarev
- RE: Logotypes in certificates todd.glassey
- RE: Logotypes in certificates Trevor Freeman
- RE: Logotypes in certificates Russ Housley
- Re: Logotypes in certificates Dean Povey
- RE: Logotypes in certificates Michael Zolotarev
- RE: Logotypes in certificates Manger, James H
- RE: Logotypes in certificates Stephen Kent
- Re: Logotypes in certificates David P. Kemp
- Re: Logotypes in certificates Michael Ströder
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Michael Ströder
- Re: Logotypes in certificates Dean Povey
- Re: Logotypes in certificates Michael Ströder
- Re: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates Bob Jueneman
- RE: Logotypes in certificates Stefan Santesson
- RE: Logotypes in certificates todd.glassey
- RE: Logotypes in certificates Stephen Kent
- Re: Logotypes in certificates Anders Rundgren
- RE: Logotypes in certificates Stefan Santesson