[saag] PKIX report

Stephen Kent <kent@bbn.com> Wed, 10 November 2010 07:00 UTC

PKIX met for about an hour, on Wednesday morning, with about 30 attendees.

A quick doc status review:
	- 3 new RFCs: 5934, 6024, & 6025
	- 2 in IESG (1 about to begin IETF LC)
	- 4 in the WG: CMC Updates, 5280 clarifications, OCSP update
	    and transport protocols for CMP

The OCSP update doc is essentially done, and we elected to defer a 
couple of issues until we begin work on OCSP-bis.

We decided to issue a new doc defining SMIME Capabilities for signature
alg parameters, to address an OCSP alg agility requirement.

We also had a presentation on an I-D from the SIDR WG, which
describes another approach to local management of trust anchors. The
mechanism described here is somewhat complex, because of the need to
accommodate the path validation rules of RFC 3779. (The Resource PKI,
developed in the SIDR WG, makes use of 3779 extensions, and thus the
complexity is needed in that context.) However, the basic notion of
re-issuing proffered TAs under an RP-controlled TA may be of general
utility.