[lamps] draft-housley-lamps-norevavail-00
Russ Housley <housley@vigilsec.com> Thu, 18 May 2023 21:23 UTC
Return-Path: <housley@vigilsec.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7455DC151074 for <spasm@ietfa.amsl.com>; Thu, 18 May 2023 14:23:37 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.896
X-Spam-Level:
X-Spam-Status: No, score=-1.896 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U1lJz5F0705k for <spasm@ietfa.amsl.com>; Thu, 18 May 2023 14:23:33 -0700 (PDT)
Received: from mail3.g24.pair.com (mail3.g24.pair.com [66.39.134.11]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 06B9CC14CE2E for <spasm@ietf.org>; Thu, 18 May 2023 14:23:33 -0700 (PDT)
Received: from mail3.g24.pair.com (localhost [127.0.0.1]) by mail3.g24.pair.com (Postfix) with ESMTP id E1BB0EF8CB; Thu, 18 May 2023 17:23:31 -0400 (EDT)
Received: from [192.168.1.161] (unknown [96.241.2.243]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail3.g24.pair.com (Postfix) with ESMTPSA id CCBFBEF901; Thu, 18 May 2023 17:23:31 -0400 (EDT)
From: Russ Housley <housley@vigilsec.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_BB3919B5-D496-42D6-8CB4-F86F7F3E8AE4"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.21\))
Date: Thu, 18 May 2023 17:23:31 -0400
References: <168444309553.24047.14923062710269229403@ietfa.amsl.com>
Cc: Joe Mandel <Joe.Mandel@secureg.io>, Tomofumi Okubo <tomofumi.okubo@gmail.com>
To: LAMPS <spasm@ietf.org>
Message-Id: <E2BE1DCD-A241-4DDF-A5EC-DD3209C4CDA2@vigilsec.com>
X-Mailer: Apple Mail (2.3445.104.21)
X-Scanned-By: mailmunge 3.11 on 66.39.134.11
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/TavHTD_8mhBe4YBRkwmh7aLhyHE>
Subject: [lamps] draft-housley-lamps-norevavail-00
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 May 2023 21:23:37 -0000
I want the LAMPS WG to be aware of this I-D. However, I do not think we should adopt it until the event predicted in the History section actually comes to pass: With greater use of short-lived certificates in the Internet, the next revision of ITU-T Recommendation X.509 [X.509-TBD] is expected to allow the noRevAvail certificate extension to be used with public key certificates as well as attribute certificates. Russ > From: internet-drafts@ietf.org <mailto:internet-drafts@ietf.org> > Subject: New Version Notification for draft-housley-lamps-norevavail-00.txt > Date: May 18, 2023 at 4:51:35 PM EDT > To: "Joseph Mandel" <joe.mandel@secureg.io <mailto:joe.mandel@secureg.io>>, "Russ Housley" <housley@vigilsec.com <mailto:housley@vigilsec.com>>, "Tomofumi Okubo" <tomofumi.okubo+ietf@gmail.com <mailto:tomofumi.okubo+ietf@gmail.com>> > > > A new version of I-D, draft-housley-lamps-norevavail-00.txt > has been successfully submitted by Russ Housley and posted to the > IETF repository. > > Name: draft-housley-lamps-norevavail > Revision: 00 > Title: No Revocation Available for Short-lived X.509 Certificates > Document date: 2023-05-18 > Group: Individual Submission > Pages: 8 > URL: https://www.ietf.org/archive/id/draft-housley-lamps-norevavail-00.txt <https://www.ietf.org/archive/id/draft-housley-lamps-norevavail-00.txt> > Status: https://datatracker.ietf.org/doc/draft-housley-lamps-norevavail/ <https://datatracker.ietf.org/doc/draft-housley-lamps-norevavail/> > Html: https://www.ietf.org/archive/id/draft-housley-lamps-norevavail-00.html <https://www.ietf.org/archive/id/draft-housley-lamps-norevavail-00.html> > Htmlized: https://datatracker.ietf.org/doc/html/draft-housley-lamps-norevavail <https://datatracker.ietf.org/doc/html/draft-housley-lamps-norevavail> > > > Abstract: > Short-lived X.509v3 public key certificates as profiled in RFC 5280 > are seeing greater use in the Internet. The Certification Authority > (CA) that issues these short-lived certificates do not publish > revocation information because the certificate lifespan that is > shorter than the time needed to detect, report, and distribute > revocation information. This specification defines the noRevAvail > certificate extension so that a relying party can readily determine > that the CA does not publish revocation information for the > certificate.
- [lamps] draft-housley-lamps-norevavail-00 Russ Housley
- Re: [lamps] draft-housley-lamps-norevavail-00 Tomofumi Okubo
- Re: [lamps] draft-housley-lamps-norevavail-00 Tim Hollebeek
- Re: [lamps] draft-housley-lamps-norevavail-00 Mike Ounsworth
- Re: [lamps] draft-housley-lamps-norevavail-00 Salz, Rich
- Re: [lamps] draft-housley-lamps-norevavail-00 Salz, Rich
- Re: [lamps] draft-housley-lamps-norevavail-00 Russ Housley
- Re: [lamps] draft-housley-lamps-norevavail-00 Russ Housley
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] draft-housley-lamps-norevavail-00 Mike Ounsworth
- Re: [lamps] draft-housley-lamps-norevavail-00 Tim Hollebeek
- Re: [lamps] draft-housley-lamps-norevavail-00 Tim Hollebeek
- Re: [lamps] draft-housley-lamps-norevavail-00 Russ Housley
- Re: [lamps] draft-housley-lamps-norevavail-00 Seo Suchan
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Russ Housley
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Deb Cooley
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] draft-housley-lamps-norevavail-00 Jeffrey Walton
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Watson Ladd
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Tim Hollebeek
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Tim Hollebeek
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Russ Housley
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Russ Housley
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Salz, Rich
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Mike Ounsworth
- Re: [lamps] [EXTERNAL] Re: draft-housley-lamps-no… Michael StJohns