Re: [Trans] Precertificate format

Tomas Gustavsson <tomas@primekey.se> Tue, 09 September 2014 09:49 UTC

Archived-At: http://mailarchive.ietf.org/arch/msg/trans/9_TG_JJXO6RkMi32Sc0m9078ZVs

Hi,

I originally suggested (in the mail thread referenced) the CertTemplate 
format from RFC 4211; it has subject, issuer, serialNumber and extensions 
(basically a TBSCertificate).

Although the RFC says that serialNumber MUST be omitted, this is for 
certificate request purposes and can surely be redefined.

Don't remember if there were any other technical issues preventing a 
CertTemplate from being used?

Cheers,
Tomas


On 2014-09-09 00:09, Melinda Shore wrote:
> To be honest I'm a bit concerned that this has been kicked around
> for as long as it has, without progress.  This was one of the first
> topics to be discussed shortly after working group formation (see
> thread starting here:
> http://www.ietf.org/mail-archive/web/trans/current/msg00050.html).
>
> It may be worth taking a look at that thread and seeing if you
> ("you" working group participants, not Steve specifically)
> can find something useful.  I do think it's time to start coming
> up with concrete counterproposals.
>
> Melinda