Re: [lamps] Revocation Request Format?

Tim Hollebeek <tim.hollebeek@digicert.com> Mon, 05 March 2018 09:31 UTC

Return-Path: <tim.hollebeek@digicert.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 750EF126579 for <spasm@ietfa.amsl.com>; Mon, 5 Mar 2018 01:31:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.001
X-Spam-Level:
X-Spam-Status: No, score=-2.001 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id FK4FDtSEX8p0 for <spasm@ietfa.amsl.com>; Mon, 5 Mar 2018 01:31:20 -0800 (PST)
Received: from mail1.bemta8.messagelabs.com (mail1.bemta8.messagelabs.com [216.82.243.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A332912D96B for <SPASM@ietf.org>; Mon, 5 Mar 2018 01:31:18 -0800 (PST)
Received: from [216.82.242.36] (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256 bits)) by server-9.bemta-8.messagelabs.com id 01/74-28689-56E0D9A5; Mon, 05 Mar 2018 09:31:17 +0000
X-Brightmail-Tracker: H4sIAAAAAAAAA2WTe0xTVxzHe+6jvWCvuRQcvyEaVjWZIFg0zps Zo/6hVpNFja+tceotXGljH9hbZpfFQGTzVQ2iGLA8qoYggkw0XSJBApIYYmVDUcGp+ECztYJR EaKwxXpv7/UV/zn5nN/3+3uck3MoXHdck0TxHjfvcnA2vTqWuJUSyEzPHl9pMpw88S1b/Lwcs ZEHYYI9dL8SsVU9WWxpS49mIWls8N5UG5t8fRrj1foRzFhdPYoZC5ubiZWkibQ6zE7PZtLSVt GK51at8/xVNLEAPVu1D8VSBPMMA+/+XrW00TElGFTfHMb3oRhxcx9BUVeexGrGAD0tHZjECcx aOFPbGWWcscKNe2NqieOZmdDc34DLHgP81hsgZXZAfU1FNE4wU8F/qDDqp5kNMNQ4gsuNq0jo K+6PFo1hVsHwn8eQxIj5Al4FTyvNEuH2Y3+UgUmAh9euqGWeAOFHb0jZvwEqX7YrcT38PnhX8 U+Cbr8XSc2ACWBwxOfXyEIG/FH8FMn8HZwcDSqmvRgEQldJWUiF86/bFNNWGDo7SMi8HCKdRb icEMKgqGCn0joZdj89pwj/kFB25o5yqdlQUteuloX/MBgpvY0fRKm+j87nEzWc8SO4tn+M8EV vKg4uH30sMiUKJih97Zb9qVC9M6KROQ1qjg/gMk+H4YN3iM/j86Bs7KJa5q+gxPtQyZ0DA5de oGNoXB36WuBdP/Gu9FmZGWaXNcfitnNWW3qmgc2w84LA5fA2zixkZDnt55D4OPNVKnQeNXUtb UdfUph+Ar1RW2nSjTc7s3+2cIJlkyvPxgvtKJmi9EAHaVGLc/E5vGeL1Sa+8HcyUFp9Ap0vpd JCLmcXrDmyFEQLqBul/+7CqUB/WFzbouut0MAuXEc4nA4+KZEul6oyUpolz/G+6Luf040mJcX TSKVS6bS5vMtudX+qP0GJFNLH0/OlKlqrw/2+9xNxLEwcq6uvQhrLzX2QkgrQHqZn4+BQ8Eqh 8XD3C4Pz1945y2YtHn2V3896yrZ/c+DHHavrT4Vm+FPWsELy9/XTluzwbnXW1M2evG2z73pTj LmwLTy/s2+UympgL8aaWlsbtbUpkQvhNc/zqSVpju6XHSs2tXRYAj9QkblTYv+f+Utk/d/6PY 1poeDuOG3tonDvOD0hWLjMVNwlcG8BiUHkujQEAAA=
X-Env-Sender: tim.hollebeek@digicert.com
X-Msg-Ref: server-5.tower-94.messagelabs.com!1520242276!179782060!1
X-Originating-IP: [216.32.180.49]
X-StarScan-Received:
X-StarScan-Version: 9.4.45; banners=-,-,-
X-VirusChecked: Checked
Received: (qmail 142119 invoked from network); 5 Mar 2018 09:31:16 -0000
Received: from mail-by2nam03lp0049.outbound.protection.outlook.com (HELO NAM03-BY2-obe.outbound.protection.outlook.com) (216.32.180.49) by server-5.tower-94.messagelabs.com with AES256-SHA256 encrypted SMTP; 5 Mar 2018 09:31:16 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=I/j22b7MOecY32XZBQQU1qhbBIuaVCoF0Um9hKYniKI=; b=J2uZGhYlEbwIGyIDfbxgZKn68GSeV57CNjNgAcM0HW8mm1ZuXJW/6Vkl9mBjc+46U4S4WX4dr7pd9dpZkQZZlQbVXhJqKtCnuVbDeb+sWj8TtHOn5dr9dBuar8lb1udSU+9JbgY0mx0NfjlMgn+Ux2XgGUVje5ggPPnJ+3jNbl4=
Received: from MWHPR14MB1376.namprd14.prod.outlook.com (10.173.232.139) by MWHPR14MB1151.namprd14.prod.outlook.com (10.173.101.17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P256) id 15.20.548.13; Mon, 5 Mar 2018 09:31:14 +0000
Received: from MWHPR14MB1376.namprd14.prod.outlook.com ([fe80::7929:3f48:4a4f:1e32]) by MWHPR14MB1376.namprd14.prod.outlook.com ([fe80::7929:3f48:4a4f:1e32%18]) with mapi id 15.20.0548.016; Mon, 5 Mar 2018 09:31:14 +0000
From: Tim Hollebeek <tim.hollebeek@digicert.com>
To: Ryan Sleevi <ryan-ietf@sleevi.com>, Phillip Hallam-Baker <phill@hallambaker.com>
CC: SPASM <SPASM@ietf.org>, Peter Bowen <pzbowen@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
Thread-Topic: [lamps] Revocation Request Format?
Thread-Index: AQHTsjInSyN45zGu70muhef4KLLyqaO9HOwAgABBwICAAAPKgIAAEXSAgAAHYICAAA1TAIAAhPcAgACyZICAABgIAIACjFYA
Date: Mon, 5 Mar 2018 09:31:14 +0000
Message-ID: <MWHPR14MB1376F063D0655399B1FDE93283DA0@MWHPR14MB1376.namprd14.prod.outlook.com>
References: <CAMm+LwjAP78hNL9Yaxqaf4K9RHYGk4M8ayJjCWt=F3_VN28cFQ@mail.gmail.com> <CAErg=HEK0aJm+Xb06px=vmfpyESetdRpe2x=q+Wca=9J8nErmw@mail.gmail.com> <CAK6vND8p55yNVoXO6_eJs1ooodVBAFZovJ84ou6uj_4qHt5DGA@mail.gmail.com> <CAMm+LwjKKqaG+OjSw3KaSvwymy6mvvyEDx1sMp2EGqXqvPSdjA@mail.gmail.com> <CAErg=HFBWaSV5-mJCBO8fLP3esfnseiqqJ_Fh1x78BW9=P-kUQ@mail.gmail.com> <26f237b9-bbe6-6efe-2a43-394d44e8334c@cs.tcd.ie> <CAErg=HH+B5+DcvPfUixy-3egm3zdhGjMangtAL0wixKE5PVkzw@mail.gmail.com> <62156108-02c7-054e-1311-855636e3fb52@cs.tcd.ie> <CAMm+LwixRjab9fWRYYzx_WJEMh-wua68tjxkVmHdjJVJkL8OQw@mail.gmail.com> <CAErg=HE8jLA3ANJhwPw-zDhKaoqp7AnDRNRwaU0i332vuOTwHw@mail.gmail.com>
In-Reply-To: <CAErg=HE8jLA3ANJhwPw-zDhKaoqp7AnDRNRwaU0i332vuOTwHw@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [98.111.253.132]
x-ms-publictraffictype: Email
x-microsoft-exchange-diagnostics: 1; MWHPR14MB1151; 7:nr/TVkxNKQN9F3eL3AmBp8GcLbaBg8mdWJxjOB5Sqr84I5A/HXAgJB31JTPMBjjC2ptVIMlAwU8IEnwtL7LqNdg1OJ+ncAjlulRu3IxQKLD6HT4LHUC+5obBj7YiNwDJYxfdmfU0k/ua2W86asj2GzhK6k/ou/076Pr49T7m9lBLOTSJNLFSAU7iLMvcYibsjoli3ykN4Rhnked0+sff1g8uuWlD68FReV5/c2O20SAwUOY76ViHiT5Lffu3q3pB
x-ms-exchange-antispam-srfa-diagnostics: SSOS;
x-ms-office365-filtering-correlation-id: 7deb1bcb-50a6-40d6-f1ce-08d5827bd736
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(7020095)(4652020)(7021125)(5600026)(4604075)(3008032)(4534165)(7022125)(4603075)(4627221)(201702281549075)(7048125)(7024125)(7027125)(7028125)(7023125)(2017052603307)(7153060)(49563074)(7193020); SRVR:MWHPR14MB1151;
x-ms-traffictypediagnostic: MWHPR14MB1151:
x-microsoft-antispam-prvs: <MWHPR14MB1151E2BBFE7FF507717BEBE383DA0@MWHPR14MB1151.namprd14.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(28532068793085)(21748063052155);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(102415395)(6040501)(2401047)(8121501046)(5005006)(93006095)(93001095)(3231220)(944501244)(52105095)(10201501046)(3002001)(6041288)(2016111802025)(20161123564045)(20161123562045)(20161123558120)(20161123560045)(6072148)(6043046)(201708071742011); SRVR:MWHPR14MB1151; BCL:0; PCL:0; RULEID:; SRVR:MWHPR14MB1151;
x-forefront-prvs: 06022AA85F
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39860400002)(366004)(39380400002)(396003)(346002)(376002)(189003)(199004)(2906002)(110136005)(105586002)(229853002)(8676002)(2950100002)(81156014)(99936001)(54906003)(8936002)(81166006)(7736002)(106356001)(6246003)(6116002)(68736007)(33656002)(5660300001)(74316002)(3660700001)(39060400002)(5250100002)(25786009)(4326008)(53936002)(54896002)(9686003)(6306002)(3846002)(790700001)(6436002)(3280700002)(97736004)(55016002)(102836004)(6506007)(186003)(26005)(86362001)(478600001)(316002)(14454004)(93886005)(99286004)(2900100001)(7696005)(76176011)(66066001); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR14MB1151; H:MWHPR14MB1376.namprd14.prod.outlook.com; FPR:; SPF:None; PTR:InfoNoRecords; MX:1; A:1; LANG:en;
received-spf: None (protection.outlook.com: digicert.com does not designate permitted sender hosts)
x-microsoft-antispam-message-info: x+/B1Wqqkhwvr2g4NLJREKs1y4Lh6Iofqq8aRjbY2Yp9EYtJGiBuEqBXrESVl8SRTcQULiAFjWPrldoSW15iRcb5XaGM0Gdgx4sgS9ICTo86VGa63S2Ahdz+ZwOt2Y+g7lq7ReopmRHLLtLi4wfy69E+Wc07EgBMITTmxHxdcnTP3aweHRbZk5CP/MEkdYAp7zBdW07UwnWBqKVoHuzLKiAnvhNVl9eE0k1Y1TCpEIM4YCyxcxBTbrZGlcwExI5En3VVhwWi8LW1l/C0V74sLOuQoxHwordMQpFvgv1prZ57VAJ6eLiL2tQ2yK0B3p05z3UqtBTCAq3EM5Z0jRE6Og==
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/signed; protocol="application/x-pkcs7-signature"; micalg=2.16.840.1.101.3.4.2.1; boundary="----=_NextPart_000_048B_01D3B42A.06C3FCD0"
MIME-Version: 1.0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 7deb1bcb-50a6-40d6-f1ce-08d5827bd736
X-MS-Exchange-CrossTenant-originalarrivaltime: 05 Mar 2018 09:31:14.4677 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR14MB1151
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/YdOf7BIviyxqqy0fcJKcM8PvL1U>
Subject: Re: [lamps] Revocation Request Format?
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Mar 2018 09:31:22 -0000

I agree with this.  There’s no need to rush into anything as no buildings are currently burning down, but some of the things people are doing are slightly silly, and it would be worthwhile to come up with a set of potentially non-silly things, and look at the advantages/disadvantages of each.

 

It might be good to start with a Use Cases document first, to figure out who the participants/constituents would be. This would align with Stephen’s remark re: what writers of private key handling s/w should use. Considering such solutions naturally preclude solving (some of) the “compromise” scenarios that must be dealt with today, the merits of those use cases could be independently evaluated before trying to shape such work.