Re: [lamps] Revocation Request Format?

Stephen Farrell <> Mon, 05 March 2018 10:49 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 848AD128954 for <>; Mon, 5 Mar 2018 02:49:45 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -4.311
X-Spam-Status: No, score=-4.311 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (1024-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id W87CoYXLLOQ7 for <>; Mon, 5 Mar 2018 02:49:43 -0800 (PST)
Received: from ( []) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 0509312783A for <>; Mon, 5 Mar 2018 02:49:42 -0800 (PST)
Received: from localhost (localhost []) by (Postfix) with ESMTP id B045DBE2E; Mon, 5 Mar 2018 10:49:39 +0000 (GMT)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id zHt8dDrW0xmo; Mon, 5 Mar 2018 10:49:39 +0000 (GMT)
Received: from [] ( []) by (Postfix) with ESMTPSA id B722ABE38; Mon, 5 Mar 2018 10:49:38 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;; s=mail; t=1520246978; bh=hgf0DrO+fNzdGaZ1u531L5Iq+leFNhPpd8RmK8ISCns=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=sOHo5ivC2MJfbeMe6/Vf0AzgH0KzVx52/pLwYBxWJ6zJ8RbvBBoKrbJVn/TxDcTKt 9IflQSsse7h8cBMJlB1xWD0u6lT2IY3KpBmAt8yNTNDwln9NWjBwBvzDD9uuGAmQ+h LdPay+CJ9gO7x4f9AfoZs4bT4MwBSF9X95GJr56s=
To: Tim Hollebeek <>, Ryan Sleevi <>, Phillip Hallam-Baker <>
Cc: SPASM <>, Peter Bowen <>
References: <> <> <> <> <> <> <> <> <> <> <>
From: Stephen Farrell <>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Message-ID: <>
Date: Mon, 5 Mar 2018 10:49:37 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0
MIME-Version: 1.0
In-Reply-To: <>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="NlE8WphOKU1FvWA1syKbKNnl9nKGZxWau"
Archived-At: <>
Subject: Re: [lamps] Revocation Request Format?
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 05 Mar 2018 10:49:45 -0000

Coupla minor notes below...

On 05/03/18 09:31, Tim Hollebeek wrote:
> I agree with this.  There’s no need to rush into anything as no
> buildings are currently burning down, but some of the things people
> are doing are slightly silly, and it would be worthwhile to come up
> with a set of potentially non-silly things, and look at the
> advantages/disadvantages of each.
> It might be good to start with a Use Cases document first, to figure
> out who the participants/constituents would be. 

I'm not convinced that a use-cases document/draft would be useful,
just on the basis that, in the IETF context, those often tend to
produce text that ends up ignored (or OBE). But if someone has the
interest and cycles to write such text, then that's up to them and
maybe it'd be useful in this case, not sure. When it exists, I guess
I'd read it.

> This would align with
> Stephen’s remark re: what writers of private key handling s/w should
> use. 

I think s/should use/would use/ is more in line with what I meant to
say, both for CAs and those writing/using private key handling s/w.
Put another way, there's a lot of things we could say such folks
"should" do, but there's little point in doing so unless they would
actually do stuff.


> Considering such solutions naturally preclude solving (some of)
> the “compromise” scenarios that must be dealt with today, the merits
> of those use cases could be independently evaluated before trying to
> shape such work.