Re: [lamps] Deb Cooley's No Objection on draft-ietf-lamps-rfc5019bis-08: (with COMMENT)

Russ Housley <housley@vigilsec.com> Thu, 18 April 2024 15:21 UTC

Cc: IESG <iesg@ietf.org>, draft-ietf-lamps-rfc5019bis@ietf.org, LAMPS Chairs <lamps-chairs@ietf.org>, spasm@ietf.org
To: Deb Cooley <debcooley1@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/spasm/ghOe2yRpOF0YDp891Vkunmem2pg>

Deb:

The ASN.1 is in RFC 6960:

	ResponderID ::= CHOICE {
	   byName              [1] Name,
	   byKey               [2] KeyHash }

Is this the text?
~~~
   Clients MUST be able to identify OCSP responder certificates using
   the byKey field and SHOULD be able to identify OCSP responder
   certificates using the byName field of the ResponseData.ResponderID
   choices.

   Older responders which provide backward compatibility with [RFC5019]
   MAY use the byName field to represent the ResponderID, but should
   transition to using the byKey field as soon as practical.

   Newer responders that conform to this profile MUST use the byKey
   field to represent the ResponderID to reduce the size of the
   response.
~~~

If so, a reference to [RFC6960] after "ResponseData.ResponderID choices" is probably enough.

Russ


> On Apr 18, 2024, at 7:24 AM, Deb Cooley via Datatracker <noreply@ietf.org> wrote:
> 
> Deb Cooley has entered the following ballot position for
> draft-ietf-lamps-rfc5019bis-08: No Objection
> 
> When responding, please keep the subject line intact and reply to all
> email addresses included in the To and CC lines. (Feel free to cut this
> introductory paragraph, however.)
> 
> 
> Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/ 
> for more information about how to handle DISCUSS and COMMENT positions.
> 
> 
> The document, along with other ballot positions, can be found here:
> https://datatracker.ietf.org/doc/draft-ietf-lamps-rfc5019bis/
> 
> 
> 
> ----------------------------------------------------------------------
> COMMENT:
> ----------------------------------------------------------------------
> 
> I have only one comment:
> 
> Section 3.2.2, Appendix A:  The two terms 'byName' and 'byKey' are used without
> being defined (note: this is true in RFC 5019 too).  There are numerous 'Name'
> fields in the ASN.1, but no 'Key' fields.  My suggestion is to define these
> terms by pointing to the appropriate ASN.1 field.
> 
> [note:  finally, I get to ballot on a document I understand.  LOL]
> 
> 
> 
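How a client can tell the two ResponderID choices quoted above apart and use either one to pick the responder certificate, as an added example that is not part of the thread or the draft. The function names and sample bytes are hypothetical; it assumes the explicit tagging of the RFC 6960 ASN.1 module, a byKey value that is the SHA-1 hash of the responder's public key bits, and it compares names by exact DER bytes, which is a simplification of full name matching.

```python
import hashlib

def read_tlv(buf, off=0):
    """Return (tag, value, next_offset) for one DER TLV with a single-byte tag."""
    if off + 2 > len(buf):
        raise ValueError("truncated TLV header")
    tag, length = buf[off], buf[off + 1]
    off += 2
    if length & 0x80:                      # long form: low bits give the octet count
        n = length & 0x7F
        if n == 0 or n > 4 or off + n > len(buf):
            raise ValueError("unsupported or truncated DER length")
        length = int.from_bytes(buf[off:off + n], "big")
        off += n
    if off + length > len(buf):
        raise ValueError("TLV value runs past end of buffer")
    return tag, buf[off:off + length], off + length

def parse_responder_id(der):
    """Decode a DER ResponderID (RFC 6960, EXPLICIT tags) into (choice, value)."""
    tag, inner, end = read_tlv(der)
    if end != len(der):
        raise ValueError("trailing bytes after ResponderID")
    if tag == 0xA1:                        # byName [1]: content is the DER Name
        return "byName", inner
    if tag == 0xA2:                        # byKey [2]: content is KeyHash OCTET STRING
        t, key_hash, e = read_tlv(inner)
        if t != 0x04 or e != len(inner) or len(key_hash) != 20:
            raise ValueError("byKey must hold exactly one 20-byte OCTET STRING")
        return "byKey", key_hash
    raise ValueError("unknown ResponderID choice tag 0x%02x" % tag)

def find_responder(responder_id_der, candidates):
    """candidates: (label, subject Name DER, subjectPublicKey bits without tag/length/unused-bits)."""
    choice, value = parse_responder_id(responder_id_der)
    for label, subject_der, key_bits in candidates:
        if choice == "byKey" and hashlib.sha1(key_bits).digest() == value:
            return choice, label
        if choice == "byName" and subject_der == value:
            return choice, label
    return choice, None                    # no candidate matches: reject the response

# Constructed sample data (not taken from real certificates).
KEY_BITS = bytes(range(65))                # stands in for the responder's public key bits
NAME_DER = bytes.fromhex("300f310d300b06035504030c044f435350")  # Name with CN=OCSP
BY_KEY = b"\xa2\x16\x04\x14" + hashlib.sha1(KEY_BITS).digest()
BY_NAME = b"\xa1" + bytes([len(NAME_DER)]) + NAME_DER
CANDIDATES = [("issuer-ca", b"\x30\x00", b"\x00" * 65), ("ocsp-signer", NAME_DER, KEY_BITS)]
```
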