Re: [smime] RFC3125: Question - CertInfoReq fullPath
Jim Schaad <ietf@augustcellars.com> Fri, 03 November 2017 18:08 UTC
Return-Path: <ietf@augustcellars.com>
X-Original-To: smime@ietfa.amsl.com
Delivered-To: smime@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D6AAF13FF26 for <smime@ietfa.amsl.com>; Fri, 3 Nov 2017 11:08:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=augustcellars.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id famJqVajNiQa for <smime@ietfa.amsl.com>; Fri, 3 Nov 2017 11:08:26 -0700 (PDT)
Received: from mail4.augustcellars.com (augustcellars.com [50.45.239.150]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6714213FF24 for <smime@ietf.org>; Fri, 3 Nov 2017 11:08:26 -0700 (PDT)
Content-Type: multipart/alternative; boundary="----=_NextPart_000_000D_01D35494.0E97AAB0"
Content-Language: en-us
DKIM-Signature: v=1; a=rsa-sha256; d=augustcellars.com; s=winery; c=simple/simple; t=1509732503; h=from:subject:to:date:message-id; bh=SQRMhMjXCjojmKCMK2aLLuT9WL7rNMfolo4fU1qG9oY=; b=VqFFwNtIA+kkn+oz8gGoogyIqzTzAJYxPemiVYXCCn4tCg+lXWyg6BB5BgKre1cmdcMk8h5dnzy Qgwb1BS8PwX0sQsZSlZF3YIXFd+E5S/Qvl38fy2+IyhncC8pTix5iarb6im2NB1qVpYIQ0T4k0dtm 5crrfJpAZFSew6c2WY6T493o0Zvf67I+f0ovRaEYg33Wm9GbNwd8nG37trloL1GgPnWCaUpBBiMzX 7KpMhxR306Ka3gEW+uu6B8HIlAickHTzRv2q6oOMZPSepJAXerrRuH4k4vIJd0G2/pa2j7mg5fMLW HGqchfwsVnEfXo3uUyAnDCTUp2jYjfXTrgjw==
Received: from mail2.augustcellars.com (192.168.1.201) by mail4.augustcellars.com (192.168.1.153) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 3 Nov 2017 11:08:22 -0700
Received: from Hebrews (192.168.1.162) by mail2.augustcellars.com (192.168.1.201) with Microsoft SMTP Server (TLS) id 15.0.1263.5; Fri, 3 Nov 2017 11:07:19 -0700
From: Jim Schaad <ietf@augustcellars.com>
To: "'Hajek, Juraj'" <Juraj.Hajek@ardaco.com>, smime@ietf.org
References: <73d57ce76d7a43b38666557558a5d9a7@XSI.ardaco.local> <e80f72fa03ee41efb9c8a3bcf396be44@XSI.ardaco.local>
In-Reply-To: <e80f72fa03ee41efb9c8a3bcf396be44@XSI.ardaco.local>
Date: Fri, 03 Nov 2017 11:08:17 -0700
Message-ID: <000c01d354ce$baf32750$30d975f0$@augustcellars.com>
MIME-Version: 1.0
X-Mailer: Microsoft Outlook 16.0
Thread-Index: AQDlC+65FtxNHzNwXhyqg5MngOp/SAKSb5TjpMrx3XA=
X-Originating-IP: [192.168.1.162]
Archived-At: <https://mailarchive.ietf.org/arch/msg/smime/KlAlSiKPVmWNWRAY0G0Hw2FEAc8>
Subject: Re: [smime] RFC3125: Question - CertInfoReq fullPath
X-BeenThere: smime@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: SMIME Working Group <smime.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/smime>, <mailto:smime-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/smime/>
List-Post: <mailto:smime@ietf.org>
List-Help: <mailto:smime-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/smime>, <mailto:smime-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Nov 2017 18:08:28 -0000
Normally one would presume that the trust point is shared and thus can be excluded from the path. I do not believe that a problem would exist if a reference to the trust point existed, as long as that did not constitute a trust decision. Jim From: smime [mailto:smime-bounces@ietf.org] On Behalf Of Hajek, Juraj Sent: Friday, November 3, 2017 3:10 AM To: smime@ietf.org Subject: Re: [smime] RFC3125: Question - CertInfoReq fullPath Hello, we are not sure about the interpretation of the following sentence in RFC3125 (https://datatracker.ietf.org/doc/rfc3125/?include_text=1). CertRefReq and CertInfoReq, p.9 References for full cert path up to a trust point required Does it mean that the trust point should be included or excluded in the path? Thank you very much. Best regards, Juraj Hájek Project Manager Ardaco, a.s.
- Re: [smime] RFC3125: Question - CertInfoReq fullP… Hajek, Juraj
- Re: [smime] RFC3125: Question - CertInfoReq fullP… Jim Schaad