Re: [lamps] Proposed recharter text

Michael Richardson <mcr+ietf@sandelman.ca> Mon, 15 February 2021 23:06 UTC


Tadahiko Ito <tadahiko.ito.public@gmail.com> wrote:
    > As far as I can see, RFC5280 is based on the directory system, which
    > seems to be a general and ideal concept. As a result, 5280 seems to
    > have become a general and ideal "profile" for certificates. Since 5280
    > is general and ideal (and too heavy), the actual implementations of PKI
    > became a subset of RFC5280.

If you mean the X.500 directory, then I think that RFC5280 is way beyond
those days.

    > I'm wondering if we can create some sort of a new Best Practice
    > document which assumes more specific use cases (e.g. webPKI, PKI with
    > trust list and without bridge, etc.) while making RFC5280 as an IS,
    > which would fill in the gaps.

Well, the problem is that the parts of 5280 which we don't use, which would
be omitted from this Best Practice document, are the parts that we need to
cut out of 5280 for it to advance to IS.

That's why I think that a (12-18 month) pause to get some of the PQC
work out of the way, and then a respin to make 5280bis would make sense.

--
Michael Richardson <mcr+IETF@sandelman.ca>   . o O ( IPv6 IøT consulting )
           Sandelman Software Works Inc, Ottawa and Worldwide