IETF Logo Mail Archive

Re: [lamps] Call for adoption for draft-ito-documentsigning-eku

Tomofumi Okubo <tomofumi.okubo@digicert.com> Tue, 27 July 2021 22:31 UTC

Return-Path: <tomofumi.okubo@digicert.com>
X-Original-To: spasm@ietfa.amsl.com
Delivered-To: spasm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 13E823A0C45 for <spasm@ietfa.amsl.com>; Tue, 27 Jul 2021 15:31:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.548
X-Spam-Level:
X-Spam-Status: No, score=-2.548 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.452, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=digicert.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2lw_7sp3ssBQ for <spasm@ietfa.amsl.com>; Tue, 27 Jul 2021 15:31:36 -0700 (PDT)
Received: from us-smtp-delivery-173.mimecast.com (us-smtp-delivery-173.mimecast.com [216.205.24.173]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7CD233A0C3B for <spasm@ietf.org>; Tue, 27 Jul 2021 15:31:31 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=digicert.com; s=mimecast20190124; t=1627425090; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: in-reply-to:in-reply-to:references:references; bh=0077WGOGjq3TKqHbTDDpauNlhvJM6TjL5AGWA5FbM0U=; b=P/nXb8KEyAFa0HCJnet/ZjRNO+eDrL6LUuB+jl8VlXhaoVlIsvGMFb2ZIV3//V/f5BUxQz YNRwqkT4+1dilWLmznYknBOU3CQB0AWaTKl4BFMrewsC7dffGunwRU16o0ssFH2SUjUQG3 KZyMuAFlHU2j8ufeoDaPnTiL7Q5lZug=
Received: from NAM04-DM6-obe.outbound.protection.outlook.com (mail-dm6nam08lp2046.outbound.protection.outlook.com [104.47.73.46]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-407-aqsF3H16NpGt9gCaJ3OJJw-1; Tue, 27 Jul 2021 18:31:28 -0400
X-MC-Unique: aqsF3H16NpGt9gCaJ3OJJw-1
Received: from CO6PR14MB4468.namprd14.prod.outlook.com (2603:10b6:5:341::18) by MWHPR1401MB2030.namprd14.prod.outlook.com (2603:10b6:301:53::9) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4352.29; Tue, 27 Jul 2021 22:31:26 +0000
Received: from CO6PR14MB4468.namprd14.prod.outlook.com ([fe80::446f:6607:41a1:d345]) by CO6PR14MB4468.namprd14.prod.outlook.com ([fe80::446f:6607:41a1:d345%9]) with mapi id 15.20.4352.032; Tue, 27 Jul 2021 22:31:26 +0000
From: Tomofumi Okubo <tomofumi.okubo@digicert.com>
To: Ryan Sleevi <ryan-ietf@sleevi.com>
CC: Eliot Lear <lear@lear.ch>, LAMPS WG <spasm@ietf.org>, Russ Housley <housley@vigilsec.com>
Thread-Topic: [lamps] Call for adoption for draft-ito-documentsigning-eku
Thread-Index: AQHXgmt0QMupuIW3ykGko7ZvhDnMWqtWBoCAgADxBwCAAAmlgIAANNYwgAAsyACAAAIN4A==
Date: Tue, 27 Jul 2021 22:31:26 +0000
Message-ID: <CO6PR14MB44688BC4188063BCA54E80C4EAE99@CO6PR14MB4468.namprd14.prod.outlook.com>
References: <CD589623-52EE-4958-80AB-73F0CFB3A36E@vigilsec.com> <CAErg=HF_hcXO=9=KJh5EBEov4ybS_8g4xF=cANL9+83UvP0zvQ@mail.gmail.com> <adf86f46-093f-756f-8292-9b5e088f4344@lear.ch> <CAErg=HEUFV2F8R8g8e6yCDKz_e6RebNyB5Zb2Lvgn4oc3BtE-w@mail.gmail.com> <CO6PR14MB4468A7A5EB138542CEBA5D9CEAE99@CO6PR14MB4468.namprd14.prod.outlook.com> <CAErg=HH4aDgju=8C7Neq_4H19EX8S2inNd9fMAMYH3h95S48Rg@mail.gmail.com>
In-Reply-To: <CAErg=HH4aDgju=8C7Neq_4H19EX8S2inNd9fMAMYH3h95S48Rg@mail.gmail.com>
Accept-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: d823227d-2f8b-4c88-c6fa-08d9514e4548
x-ms-traffictypediagnostic: MWHPR1401MB2030:
x-microsoft-antispam-prvs: <MWHPR1401MB2030571A04570C5ACE5B8621EAE99@MWHPR1401MB2030.namprd14.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:8273
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0
x-microsoft-antispam-message-info: Oa+hMJV9cAv6Q9S5QVUVOiIiD5luYjZrgctwfjMdq59Jvm+Q9TWT39hP2N+DvK3XgSedNf4285QVt+3LOn7BZo4lY9ogAldc+unBovYIXFBlwVnQzbpj1Z0NcxUzCte/blusI/THi4oWyD3sE9SkJldYY5xEwMxwjUyk7f3ig/GzrcqoZUY+mQpPfb9Ri+S0ClxZu3y+kJ68F4VyC9Sa4e/IMUnxr8wLqdmcLY5KAQNcuQQXzBejAvqH4PMLQbm2zx2q9M9XQX1JXsswNLXcCKPOp5OUAPeFRADL1DQ4cYmtoS3EH87S5Gad9TvuWZ6lePVcQHe8qg+AjCMeLgimIf8CGYYg481RMDuyPaxDHqewbEky8EjqQuwwQZQ2GdikMQFroY1kOWxzchEq2ufb2w/18DzJcqSIacZkDaeHc1Yr0I6DvzccoBB5g1poEOIfuGrLAIdVRW3Ww0IA7RULm62mSnK1vG/YZCuo2KYGa17AP9qFnai75+1b8AtRzymmYqSfwAfI+hd9yQc0L+ldD1NrtJdi/NaR9pQHG3/Zrzkot4e59t1vAvejraLqbJV7eKzd51thjtfQ2EyfUfCSAcONS8DVG3WpxxHEAlhNr+lLckbahEM171OjEiY3TGrwRERIkthtM9SDTvwdrWRvadkUnJZCr6a9s8bc9GcOyw/nzL6XYPABgm16lRmoNRQeInOzVWrr6O0/Aq1zzLBFlw==
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:CO6PR14MB4468.namprd14.prod.outlook.com; PTR:; CAT:NONE; SFS:(366004)(186003)(76116006)(4744005)(66476007)(6916009)(64756008)(66946007)(66446008)(316002)(26005)(53546011)(38070700005)(38100700002)(9686003)(7696005)(2906002)(71200400001)(55016002)(122000001)(33656002)(44832011)(66556008)(508600001)(5660300002)(54906003)(6506007)(8936002)(9326002)(8676002)(83380400001)(52536014)(4326008)(86362001); DIR:OUT; SFP:1102
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: F3qjrrShRPLE+Uj17fOuQyQfFdwIRPOT+O2jL1hJQcuq8jiVs3bkdS4Ybvoe0aHVuP8gbc9Q2A8MJzesaZBCQwYRQBi7MNMmCBmYEnmJaI8yNEivisRonejgbfICZH2ovOzw7IJKaUH2zc0Blv2sLkbyt+deAWzSTikZESgNtL+9MQKb71iQalrz9qjHNhMs6KJTYdVC5+AbXfOizgiScQ0Exmg8a8Glf++y+vKRn/NBuVl/AX0475k7RdsckJ/CH8bwQ0iJpISuWbF/EzTAwnzwyK08db1GijyHyQ9nGMXp3apfdyahYqq4Oi5xS3FMUIh7+aaxShKW3Up65wnC/4QBo0e/vQxcNEyDg6KeCj43V37buC4bikiPQTGSSJuJ1za3bi1pOtdQY0+MSam01CsPdDjR+UtBQ/QOtYno8grLaqmdgkiHClzHr7h6V9IShta4bVLphQUW/DK6sxEzTAnHQS7lB8BBEIWGudEeSt1Kyw3RyZSRttm4/SqRl8ImdVLCYQHt0izh2J2npWgLqkefymO33rGCcJs8Ydy34Nx1qUAhRER194oSsrJyTeiHdwQMy+4tAy57XbTkmmRCnPM3+fGFmf6p+FrIJpAiCzmHAfXm+sxZq3gYpDZXXQmfPKZnt77ADI/LJbgyGtix89RGVW1qxdCGC5NdEWGZEO+jtp8XNvZ4/VnPtuUToXIQcLORzghNoN1hpe/ajscieXRAXhhbD68niZrRs0dWzJB9F3MEJT5NExCdE4snvCt7bxi/ObTyy5q2umpuiUZLfwkGptwr8Zua3RUMBYMY2/JcFpXb2nc39gqLwkKk7TghZFZcN0Pjtj/pcYHKklXoASJf77MPEKr7Yyx1xVcjBJp/+W6Ddurb4+saSoxNUU8IDxrSOUsv0+sxtZhPur3Npw3pVDFbATyVtDLL8Bk8Env3+7JGzen9bfOurjy6L7T6/CMraUR+Np3AwInQdzLoLNRLRUWiK7SRRe+Gk9wdIAJaySJ+tkdoh7fQT34aN0NOKzVxr8u/Dpt9sMo6dgZIMtofgbBpK3O31PyFJteeioIFWYSFYh33cNQ7WrGYxWnMZFtORHy0hsn+SDtiJ6V98NCv+0jVVxTqk8FjtB62pS44quW0fxO8Km1IkL5jpMEEaL2X5mXmm6tqDOzg6+SrhxcqKjsWQUlacaUm9xTsluRLJ+R5NRGfGAkpATztgi5zwWiRQ6E1p/nW7gTkR2ETV6BQXFEWfMz+hInmRoitC43SYS/db7dQztTu7KdQ9rZeDlw9O0kc347rjKymodEsYwYTi1QnpbUAoUzcpc9KrQcv+DnAaqpFjUR8Ak4oiTjD
x-ms-exchange-transport-forked: True
MIME-Version: 1.0
X-OriginatorOrg: digicert.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: CO6PR14MB4468.namprd14.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: d823227d-2f8b-4c88-c6fa-08d9514e4548
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Jul 2021 22:31:26.0605 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: cf813fa1-bde5-4e75-9479-f6aaa8b1f284
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: QPVHWbNDS/CMov3lmo1ZOi9cYgSeqmtVJK2ItUIE5FV2a4H1VLWSPJqb6D2cAFce0I/NRog4BYu/AZvDrwpOR3pUkcidJmk8HgglJ3kIgV0=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR1401MB2030
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA73A393 smtp.mailfrom=tomofumi.okubo@digicert.com
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: digicert.com
Content-Language: en-US
Content-Type: multipart/alternative; boundary="_000_CO6PR14MB44688BC4188063BCA54E80C4EAE99CO6PR14MB4468namp_"
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/fYIV9BSsVF33XVqWL5EZgeRztEk>
Subject: Re: [lamps] Call for adoption for draft-ito-documentsigning-eku
X-BeenThere: spasm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is a venue for discussion of doing Some Pkix And SMime \(spasm\) work." <spasm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/spasm>, <mailto:spasm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/spasm/>
List-Post: <mailto:spasm@ietf.org>
List-Help: <mailto:spasm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/spasm>, <mailto:spasm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 27 Jul 2021 22:31:41 -0000

Hello Ryan,

Yes we believe so.
The section will be referring to an existing RFC which is currently in use.
Our expectation is that it will serve as a concrete example for the usage of this EKU.
We will try to update the document as soon as possible.

Cheers!
Tomofumi


From: Ryan Sleevi <ryan-ietf@sleevi.com>
Sent: Wednesday, July 28, 2021 7:08 AM
To: Tomofumi Okubo <tomofumi.okubo@digicert.com>
Cc: Ryan Sleevi <ryan-ietf@sleevi.com>; Eliot Lear <lear@lear.ch>; LAMPS WG <spasm@ietf.org>; Russ Housley <housley@vigilsec.com>
Subject: Re: [lamps] Call for adoption for draft-ito-documentsigning-eku



On Tue, Jul 27, 2021 at 3:33 PM Tomofumi Okubo <tomofumi.okubo@digicert.com<mailto:tomofumi.okubo@digicert.com>> wrote:
Thanks for the input Ryan.
We intend to add a section that addresses how the relying party can tell whether the EKU applies to a particular situation.
Cheers,
Tomofumi

Will it resolve the charter issue? Am I mistaken in believing there is a charter issue at play here?

v2.23.0 | Report a Bug | By Email