IETF Logo Mail Archive

Re: [TLS] [pkix] New version of Multiple OCSP mode of Certificate

Peter Gutmann <pgut001@cs.auckland.ac.nz> Sat, 07 August 2010 04:42 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@core3.amsl.com
Delivered-To: tls@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3371B3A6359; Fri, 6 Aug 2010 21:42:25 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.127
X-Spam-Level:
X-Spam-Status: No, score=-3.127 tagged_above=-999 required=5 tests=[AWL=0.157, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, SARE_MILLIONSOF=0.315]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BgtK3+rMvkXy; Fri, 6 Aug 2010 21:42:23 -0700 (PDT)
Received: from mx2-int.auckland.ac.nz (mx2-int.auckland.ac.nz [130.216.12.41]) by core3.amsl.com (Postfix) with ESMTP id BCCAE3A6972; Fri, 6 Aug 2010 21:42:21 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=auckland.ac.nz; i=pgut001@cs.auckland.ac.nz; q=dns/txt; s=uoa; t=1281156175; x=1312692175; h=from:to:subject:cc:in-reply-to:message-id:date; z=From:=20Peter=20Gutmann=20<pgut001@cs.auckland.ac.nz> |To:=20Nicolas.Williams@oracle.com,=20pgut001@cs.auckland .ac.nz|Subject:=20Re:=20[pkix]=20[TLS]=20=20New=20version =20of=20Multiple=20OCSP=20mode=20of=20Certificate|Cc:=20m rex@sap.com,=20pkix@ietf.org,=20tls@ietf.org|In-Reply-To: =20<20100806145134.GS5213@oracle.com>|Message-Id:=20<E1Oh bF2-0001M9-7k@wintermute02.cs.auckland.ac.nz>|Date:=20Sat ,=2007=20Aug=202010=2016:42:40=20+1200; bh=lFtcF3Vd1wAC0GbSQRGharXo2sotT5b54dDYqz4zXQc=; b=GpwL6uccilkxaL9zcW/uRW77DQuUnRsYMUIIIRDp4by4W/QM4p7xxVXS y8Z1x5MiNvYlASi/b8rx5E8CupPR6/gPP2zTnRL1tayHVQHwvgXcVPYcX lAh4y0s3O54udhnvHo4/yGqFyv6ahCq8siR9Nua2PadqXOz71mTa6HLpQ c=;
X-IronPort-AV: E=Sophos;i="4.55,332,1278244800"; d="scan'208";a="19626355"
X-Ironport-HAT: UNIVERSITY - $RELAY-THROTTLE
X-Ironport-Source: 130.216.207.92 - Outgoing - Outgoing
Received: from wintermute02.cs.auckland.ac.nz ([130.216.207.92]) by mx2-int.auckland.ac.nz with ESMTP/TLS/AES256-SHA; 07 Aug 2010 16:42:40 +1200
Received: from pgut001 by wintermute02.cs.auckland.ac.nz with local (Exim 4.69) (envelope-from <pgut001@cs.auckland.ac.nz>) id 1OhbF2-0001M9-7k; Sat, 07 Aug 2010 16:42:40 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Nicolas.Williams@oracle.com, pgut001@cs.auckland.ac.nz
In-Reply-To: <20100806145134.GS5213@oracle.com>
Message-Id: <E1OhbF2-0001M9-7k@wintermute02.cs.auckland.ac.nz>
Date: Sat, 07 Aug 2010 16:42:40 +1200
Cc: pkix@ietf.org, tls@ietf.org
Subject: Re: [TLS] [pkix] New version of Multiple OCSP mode of Certificate
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 07 Aug 2010 04:42:25 -0000

Nicolas Williams <Nicolas.Williams@oracle.com> writes:

>Why would you use PKI in such a case

Well just off the top of my head there's tens of millions of DOCSIC certs
(although they're based on MAC addresses not IP addresses, they don't quite go
all the way up to IP), RPKI certs (although they're more likely to use AS
numbers rather than IP addresses), for pure IP there's masses of SCADA stuff
conforming to ISO 62351, DNP 3.0, IEC 61850, and probably a futher list as
long as your arm.

Peter.

v2.23.0 | Report a Bug | By Email