[saag] PKIX report
Stephen Kent <kent@bbn.com> Wed, 29 July 2009 15:24 UTC
Return-Path: <kent@bbn.com>
X-Original-To: saag@core3.amsl.com
Delivered-To: saag@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0AA973A6823 for <saag@core3.amsl.com>; Wed, 29 Jul 2009 08:24:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.465
X-Spam-Level:
X-Spam-Status: No, score=-2.465 tagged_above=-999 required=5 tests=[AWL=0.134, BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id da5LUU0d6rW2 for <saag@core3.amsl.com>; Wed, 29 Jul 2009 08:24:37 -0700 (PDT)
Received: from mx3.bbn.com (mx3.bbn.com [128.33.1.81]) by core3.amsl.com (Postfix) with ESMTP id 38F0D3A6983 for <saag@ietf.org>; Wed, 29 Jul 2009 08:24:16 -0700 (PDT)
Received: from dommiel.bbn.com ([192.1.122.15] helo=[130.129.18.170]) by mx3.bbn.com with esmtp (Exim 4.63) (envelope-from <kent@bbn.com>) id 1MWB0p-0007jR-Ch; Wed, 29 Jul 2009 11:24:16 -0400
Mime-Version: 1.0
Message-Id: <p06240802c696122de8af@[130.129.18.170]>
Date: Wed, 29 Jul 2009 11:24:13 -0400
To: saag@ietf.org
From: Stephen Kent <kent@bbn.com>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Subject: [saag] PKIX report
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/saag>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jul 2009 15:24:38 -0000
PKIX meeting report About 42 individuals attended the single PKIX session at the 75th IETF. Four PKIX document have been approved by the IESG and are awaiting publication. One is entering IETF last call, one is slated for a telechat in 3 weeks, and another has just completed WG last call. Seven other document are in process in the WG. The remaining two trust anchor documents will enter WGLC in a few weeks, and software implementing the functionality of these documents will be made available. Stefan Santesson will take over as editor of RFC 4557bis (OCSP). The revisions will add an extension allowing a client to express algorithm preferences for OCSP responses, and will specify an algorithm for how an OCSP server selects the algorithm to use in signing a response. Stefan also will act as editor for the update for RFC 3161 (Time Stamping). This RFC will have a minor change made to accommodate ESSv2 cert IDs, to allow use of hash algorithms other than SHA-1. This is consistent with our algorithm agility mandate, and will harmonize this RFC with existing ETSI efforts. Stefan, completing a hat trick, discussed his I-D on linking images to certs. The intent is to extend RFC 3709 (Logotypes) to allow additional image formats for scaleable graphic representation. The meeting concluded with two non-WG presentations. One, by Stefan, discussed an ongoing technical effort in the EU to reduce ambiguity of distinguished names in X,509 certs. The plan is to use metadata to provide a guide to interpreting DN attributes on a per CA basis. Steve presented a proposal for relying party management of trust anchors, focusing on the RPKI requirement for such a capability.
- Re: [saag] PKIX report Hallam-Baker, Phillip
- [saag] PKIX report Stephen Kent
- Re: [saag] PKIX report Hallam-Baker, Phillip
- Re: [saag] PKIX report Stephen Kent
- Re: [saag] PKIX report Stephen Kent
- [saag] PKIX report Stephen Kent
- [saag] PKIX report Stephen Kent
- [saag] PKIX report Stephen Kent