Re: [TLS] registering x-509 mime types

Anders Rundgren <anders.rundgren.net@gmail.com> Wed, 02 April 2014 07:42 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/tls/qzflmo2T4mjaYP6A_rC4B-kMY7E

Henry,

There was a looooooooong discussion about these types in PKIX
but the WG rejected supporting existing practices and insisted
that those who "violate" the standard (which came much too late)
should be punished.

That is, there *are* already IANA definitions for certificate
MIME types, but they are hardly ever used.

AFAIK, the "x-" actually means non-standard.

Anders

On 2014-04-02 08:30, henry.story@bblfish.net wrote:
> Hi,
> 
>   The HTML5 keygen element [1] works by having the browser send a public key to the
> server which can then return an X509 certificate back to the browser using one of the
> following mime types [2]
> 
>     (a) application/x-x509-user-cert 
>     (b) application/x-x509-ca-cert 
>     (c) application/x-x509-email-cert
> 
> This seems to work for most browsers - Safari, Chrome, Netscape, Opera - and has
> been functioning like this since at least the year 2000 I think. The keygen tag
> was only added to html officially a few years ago.
> 
>   What is missing though is that these mime types are not registered at IANA.
> Is there anyone here ( or perhaps I should look somewhere else ) who would like
> to register that at IANA? It would at least make it easier for developers building
> web sites to work out what the correct mime type to use is.
> 
>   Perhaps one could also then get the html5 people to add a note about this
> to their specification.  
> 
>    http://lists.whatwg.org/htdig.cgi/whatwg-whatwg.org/2014-April/084613.html
> 
> 
>  Henry
> 
> 
> [1] http://www.w3.org/html/wg/drafts/html/CR/forms.html#the-keygen-element
> [2] https://wiki.mozilla.org/CA:Certificate_Download_Specification
> [3] http://www.iana.org/assignments/media-types/media-types.xhtml
> 
> Social Web Architect
> http://bblfish.net/