IETF Logo Mail Archive

Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-norevavail-00

"Salz, Rich" <rsalz@akamai.com> Tue, 23 May 2023 19:32 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67B17C14CE5F for <spasm@ietfa.amsl.com>; Tue, 23 May 2023 12:32:02 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.093
X-Spam-Level:
X-Spam-Status: No, score=-2.093 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id C6vSIwkYNSpf for <spasm@ietfa.amsl.com>; Tue, 23 May 2023 12:31:58 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [IPv6:2620:100:9005:57f::1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8F71C151543 for <spasm@ietf.org>; Tue, 23 May 2023 12:31:58 -0700 (PDT)
Received: from pps.filterd (m0122330.ppops.net [127.0.0.1]) by mx0b-00190b01.pphosted.com (8.17.1.19/8.17.1.19) with ESMTP id 34NHRHCU025367; Tue, 23 May 2023 20:31:56 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=aJuh4PMzysN4voecsldOhOk+NLNVHEmB0RPwCniN4G0=; b=jffOJsKipWpJRwV7NduCcD0slXzq7JKIi4+xIOCXFc5lfTJgP87ouovAzUa21x1i8xGi o9E8g4z5PhH0LKghyTfuwyGV23SOSB2Hss6OGzWiartRM8ASIe1rGr5YsEscbLTAtxnp 3Wh2Ire5SvkfAuJAPCoxIDFQJ72hDZuYHqvenpCCOcgEZB2S2JvZ5+xErimyC21JUfDs p6bUHHDLfD5/79P0dijyDn92K2qPcVxvsiL3TRQ6fbYeY/3PXH3yx5Tyb8B2es3oRCIl p6+jvke+eK1v+hNHy1/n8DHIi+RhDhds4gnXfgNc+16pfxbUMt40Nl8Jh5qCP15W3+5v Yw==
Received: from prod-mail-ppoint8 (a72-247-45-34.deploy.static.akamaitechnologies.com [72.247.45.34] (may be forged)) by mx0b-00190b01.pphosted.com (PPS) with ESMTPS id 3qpnuywsyf-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 23 May 2023 20:31:55 +0100
Received: from pps.filterd (prod-mail-ppoint8.akamai.com [127.0.0.1]) by prod-mail-ppoint8.akamai.com (8.17.1.19/8.17.1.19) with ESMTP id 34NGR4WG005376; Tue, 23 May 2023 15:31:55 -0400
Received: from email.msg.corp.akamai.com ([172.27.50.204]) by prod-mail-ppoint8.akamai.com (PPS) with ESMTPS id 3qpshwm22w-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 23 May 2023 15:31:55 -0400
Received: from ustx2ex-dag4mb4.msg.corp.akamai.com (172.27.50.203) by ustx2ex-dag4mb5.msg.corp.akamai.com (172.27.50.204) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.2.1118.26; Tue, 23 May 2023 12:31:54 -0700
Received: from ustx2ex-dag4mb4.msg.corp.akamai.com ([172.27.50.203]) by ustx2ex-dag4mb4.msg.corp.akamai.com ([172.27.50.203]) with mapi id 15.02.1118.026; Tue, 23 May 2023 12:31:54 -0700
From: "Salz, Rich" <rsalz@akamai.com>
To: Mike Ounsworth <Mike.Ounsworth=40entrust.com@dmarc.ietf.org>, Russ Housley <housley@vigilsec.com>, Tim Hollebeek <tim.hollebeek@digicert.com>
CC: Seo Suchan <tjtncks@gmail.com>, LAMPS <spasm@ietf.org>
Thread-Topic: [lamps] [EXTERNAL] Re: draft-housley-lamps-norevavail-00
Thread-Index: AQHZipLc3paY3Ts4bkWddUR4Z90ax69lcAOAgAMILQCAADCIAIAABjkAgAAAeICAAAJMAP//xeUA
Date: Tue, 23 May 2023 19:31:54 +0000
Message-ID: <E229AFFA-101F-4EA5-B34D-9744DEC266A3@akamai.com>
References: <168444309553.24047.14923062710269229403@ietfa.amsl.com> <E2BE1DCD-A241-4DDF-A5EC-DD3209C4CDA2@vigilsec.com> <a2122a10-fdfd-aabc-5c3c-242d90bd4175@gmail.com> <D18F7C58-EC30-4640-9AB7-94E428B79F62@vigilsec.com> <CH0PR11MB5739CD4F7CCE62CE34E4B7319F7C9@CH0PR11MB5739.namprd11.prod.outlook.com> <3FEBFDE6-1AA9-4615-AFA7-FB0B650A5DAB@vigilsec.com> <SN7PR14MB6492368040612089C83EB21983409@SN7PR14MB6492.namprd14.prod.outlook.com> <FBE4078F-33C0-49E0-A25C-69BCA88DC0E6@vigilsec.com> <DM8PR11MB5736036B93C87D3F6A719DE09F409@DM8PR11MB5736.namprd11.prod.outlook.com> <DM8PR11MB5736E02D5E52113CAD16A6289F409@DM8PR11MB5736.namprd11.prod.outlook.com> <DM8PR11MB573650B6F19B3443B54B5AF69F409@DM8PR11MB5736.namprd11.prod.outlook.com>
In-Reply-To: <DM8PR11MB573650B6F19B3443B54B5AF69F409@DM8PR11MB5736.namprd11.prod.outlook.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/16.73.23051401
x-originating-ip: [172.27.164.43]
Content-Type: multipart/alternative; boundary="_000_E229AFFA101F4EA5B34D9744DEC266A3akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26 definitions=2023-05-23_12,2023-05-23_02,2023-05-22_02
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 bulkscore=0 mlxlogscore=413 phishscore=0 adultscore=0 spamscore=0 mlxscore=0 suspectscore=0 malwarescore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2304280000 definitions=main-2305230156
X-Proofpoint-GUID: CHy0Q9PEhDJyhMoJYqa5xPSWL3OVTZcn
X-Proofpoint-ORIG-GUID: CHy0Q9PEhDJyhMoJYqa5xPSWL3OVTZcn
X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.254,Aquarius:18.0.957,Hydra:6.0.573,FMLib:17.11.176.26 definitions=2023-05-23_12,2023-05-23_02,2023-05-22_02
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=370 mlxscore=0 phishscore=0 bulkscore=0 spamscore=0 impostorscore=0 priorityscore=1501 malwarescore=0 lowpriorityscore=0 clxscore=1011 suspectscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-2304280000 definitions=main-2305230158
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/5J5nnaM2twJ3UrZzzc8RarLbSGk>
Subject: Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-norevavail-00
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 May 2023 19:32:02 -0000

“A CA MUST NOT include the extension id-pkix-ocsp-nocheck in a
 certificate issued to an entity other than an OCSP Responder (ie that contains the id-kp-OCSPSigning EKU).”

Yes!

v2.23.0 | Report a Bug | By Email